19 matches found
CVE-2021-31803
cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...
CVE-2017-18422
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions SEC-272...
EUVD-2021-18682
Malware in sbrugna...
EUVD-2017-9538
Malware in sbrugna...
EasyApache 缓冲区错误漏洞
EasyApache is a powerful and easy-to-use tool from the Apache Foundation, built into WHM/cPanel, that can be used to update and configure the Apache web server. A security vulnerability exists in EasyApache that originates from a buffer overflow in PDOFirebird in EasyApache. An attacker can explo...
EasyApache 代码问题漏洞
EasyApache is a powerful and easy-to-use tool from the Apache Foundation, built into WHM/cPanel, that can be used to update and configure the Apache web server. A code issue vulnerability exists in EasyApache that allows remote attackers to perform Denial of Service DoS attacks. The following...
Apache EasyApache 代码问题漏洞
EasyApache is a powerful and easy-to-use tool from the Apache USA Foundation, built into WHM/cPanel, that can be used to update and configure the Apache web server. A code issue vulnerability exists in Apache EasyApache that stems from pointing NULL pointers to MODHTTP2, MODSESSION, and...
cPanel cross-site scripting vulnerability (CNVD-2021-31749)
Cpanel is a set of Web-based automated colocation platform from Cpanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 94.0.3. The vulnerability stems from saving...
CVE-2021-31803
cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...
CVE-2021-31803
cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...
Design/Logic Flaw
cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...
CVE-2021-31803
cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile SEC-581...
CVE-2021-31803
CVE-2021-31803 affects cPanel prior to 94.0.3, enabling a self‑XSS via the EasyApache 4 Save Profile (SEC-581). The issue lies in saving a configuration file without adequately filtering user input, allowing an attacker to inject JavaScript. Affected component/flow is the EasyApache 4 Save Profil...
Cpanel 跨站脚本漏洞
Cpanel is a set of Web-based automated colocation platform from Cpanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 94.0.3. The vulnerability stems from saving...
CVE-2017-18422
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions SEC-272...
CVE-2017-18422
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions SEC-272...
Code injection
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions SEC-272...
CVE-2017-18422
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions SEC-272...
CVE-2017-18422
CVE-2017-18422 affects cPanel before 66.0.2. During EasyApache 4 conversion, ownership and permissions for domlog are set weakly, creating a potential partial confidentiality impact. Root cause: misconfigured ownership/permissions in the domlog during EasyApache 4 conversion. Practical impact is ...