A CSRF issue was found in var/www/html/files.php in DanWin hosting through 2018-02-11 that allows arbitrary remote users to add/delete/modify any files in any hosting account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 51.8%