Share
## https://sploitus.com/exploit?id=SAINT:1BB245757D6D56C02F2972340658AECC
Added: 01/21/2026  


### Background

Control Web Panel is a web hosting panel for Linux. 

### Problem

A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted key parameter. 

### Resolution

Upgrade to Control Web Panel 0.9.8.1209 or higher. 

### References

https://seclists.org/fulldisclosure/2025/Dec/25   


### Limitations

Softaculous and/or SitePad must be installed through the Scripts Manager in order for this exploit to succeed. 

### Platforms

Linux