A CSRF issue was found in var/www/html/files.php in DanWin hosting through 2018-02-11 that allows arbitrary remote users to add/delete/modify any files in any hosting account.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hosting_project | hosting | * |