A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows malicious users to execute arbitrary code via a crafted POST request.
control-webpanel webpanel