Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.9 views

CVE-2026-41233

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS5.5AI score0.00264EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/23 4:0 a.m.35 views

CVE-2026-41233 Froxlor has a Reseller Domain Quota Bypass via Unvalidated adminid Parameter in Domains.add()

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS0.00264EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/25 5:3 p.m.3 views

Command Injection

Overview modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Command Injection via the execcmd function. An attacker who has Reseller or SuperAdmin privileges can execute arbitrary operating system commands by supplying specially crafted input, such as domain...

8.6CVSS6.1AI score0.00566EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Hosting Controller <= 6.1 Hotfix 3.1 Privilege Escalation Vulnerability

No description provided by source. Title: An attacker can gain reseller privileges and after that can gain admin privileges Version: 6.1 Hotfix = 3.1 Developer url: www.Hostingcontroller.com Solution: Update to Hotfix 3.2 Discover date: 2005,Summer Report date to hc company: Sat Jun 10, 2006...

7.1AI score
Exploits0
Prion
Prion
added 2008/05/28 3:32 p.m.16 views

Code injection

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field aka Email text box. NOTE: the vendor disputes this, stating "I'm unable to...

8.5CVSS7.7AI score0.04213EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2008/05/28 12:0 a.m.5 views

PT-2008-3935 · Cpanel · Cpanel

Name of the Vulnerable Software and Affected Versions: cPanel versions 11.18.6 and earlier, 11.23.1 and earlier Description: The issue allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field. The vendor disputes this...

8.5CVSS7.5AI score0.04213EPSS
Exploits1References9
securityvulns
securityvulns
added 2006/07/08 12:0 a.m.33 views

HostingController: An attacker can gain reseller privileges and after that can gain admin privileges

Hi, I'm Soroush Dalili from GrayHatz Security Group GSG. I publish the most important bugs of hosting controller program, after 3 weeks from reporting to the main company for more security Title: An attacker can gain reseller privileges and after that can gain admin privileges Version: 6.1 Hotfix...

7.7AI score
Exploits0
0day.today
0day.today
added 2006/07/06 12:0 a.m.44 views

Hosting Controller <= 6.1 Hotfix 3.1 Privilege Escalation Vulnerability

Exploit for unknown platform in category web applications ======================================================================= Hosting Controller function siteaction nact= "/hosting/addreseller.asp?htype=3" window.document.all.frm1.action = window.document.all.siteact.value + nact...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/06 12:0 a.m.68 views

Hosting Controller 6.1 Hotfix 3.1 - Privilege Escalation

Title: An attacker can gain reseller privileges and after that can gain admin privileges Version: 6.1 Hotfix function siteaction nact= "/hosting/addreseller.asp?htype=3" window.document.all.frm1.action = window.document.all.siteact.value + nact window.document.all.frm1.submit Form1 URL: reseller...

7AI score
Exploits0
Rows per page
Query Builder