2125 matches found
SUSE CVE-2025-43920
GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...
CVE-2025-43921
GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...
CVE-2025-43920
GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...
UBUNTU-CVE-2025-43920
GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...
UBUNTU-CVE-2025-43919
GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...
WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by anhchangmutrang in WordPress Plugin Mediavine Control Panel versions = 2.10.6...
CVE-2025-39556
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel mediavine-control-panel allows Retrieve Embedded Sensitive Data.This issue affects Mediavine Control Panel: from n/a through = 2.10.6...
CVE-2025-39556 WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel allows Retrieve Embedded Sensitive Data. This issue affects Mediavine Control Panel: from n/a through 2.10.6...
CVE-2025-39556 WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel mediavine-control-panel allows Retrieve Embedded Sensitive Data.This issue affects Mediavine Control Panel: from n/a through = 2.10.6...
CVE-2025-39556
CVE-2025-39556: Mediavine Control Panel plugin (WordPress)
WordPress plugin Mediavine Control Panel 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-30006
Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30006
Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30006 Xorcom CompletePBX <= 5.2.35 Reflected Cross-Site Scripting
Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30006
CVE-2025-30006 describes a reflected cross-site scripting (XSS) vulnerability in the admin control panel of Xorcom CompletePBX . The issue affects all CompletePBX versions up to and including 5.2.35. The vulnerability arises in the administrative interface and is exploitable under the CVSS 3.1 me...
OpenPanel 安全漏洞
Open Panel is an open source game server control panel. An elevation of privilege vulnerability exists in Open Panel. An attacker can exploit this vulnerability to escalate privileges via the Fix Privileges feature...
Hestia Control Panel 1.9.3 Remote Code Execution
Hestia Control Panel version 1.9.3 suffers from a remote command execution vulnerability. Exploit Title: Hestia Control Panel Remote Code Execution Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez n3c1 Vendor Homepage: https://hestiacp.com/ Software Link: https://hestiacp.com/...
The vulnerability of the bar files in the control panel of the software integration for IBM App Connect Enterprise allows a perpetrator to write any files into the file system.
The vulnerability of the bar files in the control panel of the IBM App Connect Enterprise software relates to incorrect path name restrictions for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to write any files into the file system remotely...
Acronis Backup plugin for cPanel & WHM (Linux)和Acronis Backup extension for Plesk (Linux) 安全漏洞
Acronis Backup plugin for cPanel & WHM Linux and Acronis Backup extension for Plesk Linux are both plug-ins from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux and Acronis Backup extension for Plesk Linux, which stems from improper handling of...
PT-2025-9037 · Acronis · Acronis Backup Plugin For Cpanel & Whm +1
Name of the Vulnerable Software and Affected Versions: Acronis Backup plugin for cPanel & WHM Linux versions 1.8.4.866 and earlier Acronis Backup plugin for cPanel & WHM Linux versions 1.9.1.892 and earlier Acronis Backup extension for Plesk Linux versions 1.8.7.615 and earlier Description: The...