CVE-2017-18409

In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases SEC-283...

Input validation

In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases SEC-283...

CVE-2017-18411

The CVE-2017-18411 issue concerns cPanel’s addon domain conversion feature (pre-67.9999.103). The affected component is the addon domain conversion workflow, which can copy all MySQL databases to the newly created account, per SEC-285. The available documents describe the vulnerability impact as ...

CVE-2017-18409

In this CVE, the affected software is cPanel prior to 67.9999.103. The backup interface could return a backup archive containing all MySQL databases (SEC-283), indicating an information disclosure vulnerability in the backup generation process. The available sources do not specify the exact root ...

CVE-2017-18409

In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases SEC-283...

PowerDNS Zone Transfer Data Restriction Denial of Service Vulnerability

PowerDNS is a cross-platform open source DNS service component , it supports the use of Access mdb files in Windows systems to record DNS information , in Linux/Unix systems use MySQL to record DNS information . A denial-of-service vulnerability exists in the PowerDNS server, which stems from the...

Netdata - Real-Time Performance Monitoring

netdata is a highly optimized Linux daemon providing real-time performance monitoring for Linux systems, Applications, SNMP devices, over the web ! It tries to visualize the truth of now , in its greatest detail , so that you can get insights of what is happening now and what just happened, on yo...

JSPMySQL Administrador - Multiple Vulnerabilities

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt Vendor: ================================ JSPMySQL Administrador https://sites.google.com/site/mfpledon/producao-de-software Product:...

JSPMySQL Administrador 1 Cross Site Request Forgery / Cross Site Scripting

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt Vendor: ================================ JSPMySQL Administrador https://sites.google.com/site/mfpledon/producao-de-software Product:...

Parallels PLESK 9.x - Insecure Permissions

No description provided by source. Exploit Title: PLESK 9.x insecure directory permission admin password revealed Date: 25/04/2012 Author: Nicolas Krassas , twitter.com/dinosn Software Link: www.parallels.com/plesk/ Version: 9.x Tested on: ubuntu / centos During backup procedures, PLESK panel is...

Team GhostShell Exposes 700k accounts from African universities and businesses

The Hacktivist group Team GhostShell today exposes data including 700,000 accounts / records from African universities and businesses during a campaign named ProjectSunRise. Hacker mention, "GhostShell's new project focuses on Africa, mainly, for the time being, South Africa and to some extent...

Team GhostShell Exposes 700k accounts from African universities and businesses

The Hacktivist group Team GhostShell today exposes data including 700,000 accounts / records from African universities and businesses during a campaign named ProjectSunRise. Hacker mention, "GhostShell's new project focuses on Africa, mainly, for the time being, South Africa and to some extent...

Parallels PLESK 9.x Insecure Permissions

Exploit Title: PLESK 9.x insecure directory permission admin password revealed Date: 25/04/2012 Author: Nicolas Krassas , twitter.com/dinosn Software Link: www.parallels.com/plesk/ Version: 9.x Tested on: ubuntu / centos During backup procedures, PLESK panel is keeping a detailed log of the proce...

Parallels PLESK 9.x - Insecure Permissions

Exploit Title: PLESK 9.x insecure directory permission admin password revealed Date: 25/04/2012 Author: Nicolas Krassas , twitter.com/dinosn Software Link: www.parallels.com/plesk/ Version: 9.x Tested on: ubuntu / centos During backup procedures, PLESK panel is keeping a detailed log of the proce...

WordPress <= 3.3.1 Multiple Vulnerabilities

Exploit for php platform in category web applications Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product description:...

Nmap NSE net: mysql-databases

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 11 Update: ocaml-mysql-1.0.4-8.fc11.1

ocaml-mysql is a package for ocaml that provides access to mysql databases. It consists of low level functions implemented in C and a module Mysql intended for application development...

MySQLDumper vulnerability: Bypassing Apache based access control possible

A critical security issue has been found in the Open Source PHP backup tool MySQLDumper 0. The issue allows to bypass an Apache based access control created with MySQLDumper. Through this an attacker can easily gain full control about all features of MySQLDumper. The authors of MySQLDumper were...