Lucene search
K

3955 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attack...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

cPanel 11.18.3 - List Directories and Folders Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28300/info cPanel is prone to an information-disclosure vulnerability. An attacker can exploit this issue to determine programs that are running on the affected server and to view folders on other sites that are protected...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

cPanel 11.x 'fileop' Parameter Multiple Cross Site Scripting Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

cPanel 10.x showfile.html file Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19624/info cPanel is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

cPanel 10 newuser.html Multiple Parameter XSS

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/05/04 12:0 a.m.34 views

Zamfoo 12.6 Arbitrary Command Execution

Title: Zamfoo Multiple Arbitrary Command Executions Author: Al-Shabaab Vendor Homepage:http://www.zamfoo.com/ Version: 12.6 Intro The ZamFoo software suite is a series of WHM plugin modules also known as WHM addon modules catered towards easing the burden of web hosting providers that sell shared...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2014/04/04 12:0 a.m.435 views

cPanel多个安全漏洞

cPanel是一款基于多种语言的空间管理面板,可通过域名来管理整个站点。 cPanel存在多个安全漏洞: 1,部分日志文件以全局可读权限创建,允许攻击者查看日志文件获取敏感信息。 2,提交给FormMail.pl的输入在重定向用户之前缺少校验,可重定向用户至任意WEB站点。 3,在Cpanel::API::Fileman中生成错误消息时Locale::Maketext::maketext存在错误,允许攻击者提交特制输入可执行任意代码。 4,在某些情况下会在HOME文件创建trackupload日志,可通过符号链接攻击覆盖文件。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/01/06 12:0 a.m.19 views

Softaculous Import权限提升漏洞

Softaculous是一款cPanel和DirectAdmin的自动安装程序。 由于导入程序是的为名错误,攻击者可以利用漏洞活动root权限。 0 Softaculous 4.x 厂商补丁: Softaculous ----- Softaculous 4.3.8版本以修复此漏洞,建议用户下载使用: http://www.softaculous.com/softaculous/...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/11/01 12:0 a.m.27 views

cPanel WebHost Manager 3.1 dofeaturemanager feature Parameter XSS

Exploit for php platform in category web applications source: http://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/08/27 12:0 a.m.24 views

cPanel 管理系统多个安全漏洞

cPanel是一款基于多种语言的空间管理面板,可通过域名来管理整个站点 cPanel存在多个安全漏洞,允许恶意用户劫持域和操作部分数据: 1,暂停账户时存在错误,可被利用操作某些文件 2,处理DNSAdmin集群请求时cpsrvd存在错误,可被利用操作其他账户的DNS域 3,当处理停放域时不正确校验权限,可被利用劫持托管在同一台服务器或DNS集群上的域 4,"Purchase and Install an SSL Certificate"功能存在错误,可被利用覆盖任意文件 0 cPanel 11.x 厂商解决方案 cPanel 11.32.6.17, 11.34.1.25,...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/02/26 7:10 p.m.15 views

cPanel Support Server Compromised

Website hosting provider cPanel is calling on some users to change their passwords after it informed them on Friday that hackers compromised one of its technical support department’s servers. The hosting provider does not know for certain the extent of the hack or what, if any, information was...

1.8AI score
Exploits0References2
The Hacker News
The Hacker News
added 2013/01/05 1:56 p.m.6 views

Hackers and Anti-Government Protests rage across Iraq

Four Iraqi Government websites defaced today by hacker going by name "riSky". Defaced domains include Iraq National Investment Commission website also. Where, Tens of thousands of protesters rallied across Iraq on Friday, charging that Sunni Muslims had been disenfranchised under the Shiite-led...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2012/12/27 2:51 p.m.5 views

cPanel and WHM Multiple Cross Site Scripting Vulnerabilities

cPanel is a Unix based fully featured popular web based hosting account control panel that helps webmasters to manage their domains through a web browser. The latest version of cPanel & WHM is 11.34, which is vulnerable to multiple cross site scripting. During my bug hunting process, today I...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2012/12/27 3:51 a.m.16 views

cPanel and WHM Multiple Cross Site Scripting Vulnerabilities

cPanel is a Unix based fully featured popular web based hosting account control panel that helps webmasters to manage their domains through a web browser. The latest version of cPanel & WHM is 11.34, which is vulnerable to multiple cross site scripting. During my bug hunting process, today I...

6.2AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/27 12:0 a.m.23 views

cPanel - 'detailbw.html' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/57060/info cPanel and WHM are prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/27 12:0 a.m.27 views

cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html?acct' Cross-Site Scripting

source: https://www.securityfocus.com/bid/57060/info cPanel and WHM are prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/27 12:0 a.m.27 views

C-Panel / WHM 11.34.0 Cross Site Scripting

cPanel & WHM Cross Site Scripting Vulnerability Date: 27 Dec 2012 Author: Christy Philip Mathew Vendor or Software Link: http://cpanel.net/demo/ Version: cPanel & WHM 11.34.0 build 8 Category:: Remote POC Video - http://www.youtube.com/watch?v=HJ64X2y8o0E WHM 1. Basic cPanel ,WHM Setup - NameServ...

Exploits0
exploitpack
exploitpack
added 2012/12/27 12:0 a.m.15 views

cPanel WebHost Manager (WHM) - webmailx3mailclientconf.html?acct Cross-Site Scripting

cPanel WebHost Manager WHM - webmailx3mailclientconf.html?acct Cross-Site Scripting source: https://www.securityfocus.com/bid/57060/info cPanel and WHM are prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2012/12/27 12:0 a.m.17 views

cPanel - detailbw.html Multiple Cross-Site Scripting Vulnerabilities

cPanel - detailbw.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/57060/info cPanel and WHM are prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/26 12:0 a.m.21 views

cPanel - 'dir' Cross-Site Scripting

source: https://www.securityfocus.com/bid/57064/info cPanel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

7AI score
Exploits0
Rows per page
Query Builder