PT-2021-16982 · Cpanel · Cpanel

Name of the Vulnerable Software and Affected Versions: cPanel versions prior to 92.0.9 Description: The issue allows a MySQL user with an old-style password hash to bypass suspension. Recommendations: For versions prior to 92.0.9, update to version 92.0.9 or later to resolve the issue...

AnchorCMS < 0.12.3a - Information Disclosure Exploit

Exploit for multiple platform in category web applications Exploit Title: Information disclosure MySQL password in error log Exploit Author: Tijme Gommers https://twitter.com/finnwea/ Vendor Homepage: https://anchorcms.com/ Software Link: https://github.com/anchorcms/anchor-cms/releases Version:...

CVE-2017-18408

cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces SEC-282...

Ansible: in some circumstances the mysql_user module may fail to correctly change a password

An input validation vulnerability was found in Ansible's mysqluser module which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed...

CVE-2016-6531

Open Dental 16.1 and earlier has a hardcoded MySQL root password, which allows remote attackers to obtain administrative access by leveraging access to intranet TCP port 3306. NOTE: the vendor disputes this issue, stating that the "vulnerability note ... is factually false ... there is indeed a...

CVE-2014-8604

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext to a text box in the configuration panel, which allows remote attackers to obtain sensitive information via unspecified vectors...

PHPB2B某处漏洞直接查看mysql密码

简要描述： PHPB2B某处漏洞直接查看mysql密码 详细说明： PHPB2B某处漏洞直接查看mysql密码 官网下载的最新版 install/install.php 安装文件，查看下代码。 ?php / PHPB2B Copyright C 2007-2099, Ualink Inc. All Rights Reserved. The contents of this file are subject to the License; you may not use this file except in compliance with the License. @version...

XCloner Wordpress/Joomla! backup Plugin v3.1.1 &#40;Wordpress&#41; v3.5.1 &#40;Joomla!&#41; Vulnerabilities

Title: XCloner Wordpress/Joomla! backup Plugin v3.1.1 Wordpress v3.5.1 Joomla! Vulnerabilities Author: Larry W. Cashdollar, @larry0 Date: 10/17/2014 Download: https://wordpress.org/plugins/xcloner-backup-and-restore/ Download:...

XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities

No description provided by source. Title: XCloner Wordpress/Joomla! backup Plugin v3.1.1 Wordpress v3.5.1 Joomla! Vulnerabilities Author: Larry W. Cashdollar, @larry0 Date: 10/17/2014 Download: https://wordpress.org/plugins/xcloner-backup-and-restore/ Download:...

WordPress XCloner Plugin - Multiple Vulnerabilities

XCloner plugin is prone to multiple vulnerabilities, such as: unauthenticated remote access to backup files via easily guessable file names, arbitrary command execution and authenticated remote file access. Also, clear text MySQL password exposure through HTML text box. Solution Upgrade the plugi...

WordPress Plugin / Joomla! Component XCloner - Multiple Vulnerabilities

Title: XCloner Wordpress/Joomla! backup Plugin v3.1.1 Wordpress v3.5.1 Joomla! Vulnerabilities Author: Larry W. Cashdollar, @larry0 Date: 10/17/2014 Download: https://wordpress.org/plugins/xcloner-backup-and-restore/ Download:...

WordPress Plugin Joomla! Component XCloner - Multiple Vulnerabilities

WordPress Plugin Joomla! Component XCloner - Multiple Vulnerabilities Title: XCloner Wordpress/Joomla! backup Plugin v3.1.1 Wordpress v3.5.1 Joomla! Vulnerabilities Author: Larry W. Cashdollar, @larry0 Date: 10/17/2014 Download: https://wordpress.org/plugins/xcloner-backup-and-restore/ Download:...

WordPress XCloner Plugin <= 3.1.1 - Multiple Vulnerabilities

There are multiple vulnerabilities in this plugin, such as arbitrary command execution, clear text MySQL password exposure through html text box under configuration panel, MySQL password exposed to process table, database backups exposed to local users due to open file permissions, authenticated...

Infoblox 6.8.2.11 - OS Command Injection / Weak MySQL Password Vulnerability

Infoblox versions 6.4.x.x through 6.8.4.x suffer from a remote OS command injection and use a default login of root with password root on their MySQL instances. Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor...

Accellion Secure File Transfer Code Execution

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Accellion Secure File Transfer SFTP Satellite Remote Root Code Execution PDF:...

CVE-2011-3196

The setup script in Domain Technologie Control DTC before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file...

CVE-2011-3196

The setup script in Domain Technologie Control DTC before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file...

Design/Logic Flaw

The setup script in Domain Technologie Control DTC before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file...

CVE-2011-3196

The setup script in Domain Technologie Control DTC before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file...

CVE-2011-3196

The CVE-2011-3196 issue affects Domain Technologie Control (DTC) prior to version 0.34.1. The root cause is world-readable permissions on /etc/apache2/apache2.conf, which allowed local users to read a configuration file and obtain the dtcdaemons MySQL password. Impact was local, with confidential...