Lucene search
K

3955 matches found

seebug.org
seebug.org
added 2009/06/29 12:0 a.m.28 views

WHOISCART (Auth Bypass) Information Disclosure Vulnerability

No description provided by source. +===================================================================================+ ./SEC-R1Z / / / / /\ \ |/ / \ \ / / / / | | / | | / / \ / / / / | || / | | / / \ \ \ \2009 | \ | | / / / \ /\ / ||\ \ ||/ ...

7.1AI score
Exploits0
NVD
NVD
added 2009/06/22 8:30 p.m.18 views

CVE-2009-2167

Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter...

6.8CVSS8.7AI score0.0095EPSS
Exploits0References3
Prion
Prion
added 2009/06/22 8:30 p.m.19 views

Authentication flaw

cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...

7.5CVSS7.8AI score0.11776EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2009/06/22 8:30 p.m.20 views

CVE-2009-2168

cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...

9.8CVSS9.8AI score0.11776EPSS
Exploits1References1
Cvelist
Cvelist
added 2009/06/22 8:0 p.m.27 views

CVE-2009-2168

cpanel/login.php in EgyPlus 7ammel aka 7ml 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters...

9.8AI score0.11776EPSS
Exploits1References1
CVE
CVE
added 2009/06/22 8:0 p.m.46 views

CVE-2009-2167

CVE-2009-2167 affects EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier. Multiple SQL injection in cpanel/login.php via (1) username or (2) password when magic_quotes_gpc is disabled; enables remote execution of arbitrary SQL commands. Documents do not provide a remediation, and while exploits exist (se...

6.8CVSS8.9AI score0.0095EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/06/22 8:0 p.m.57 views

CVE-2009-2168

Summary: CVE-2009-2168 affects EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier. The vuln arises in cpanel/login.php where, after invalid credentials, a redirect is sent but the script does not exit, allowing remote attackers to bypass authentication by supplying arbitrary username and password paramet...

9.8CVSS9.6AI score0.11776EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2009/06/22 12:0 a.m.5 views

PT-2009-4620 · Egyplus · Egyplus 7Ammel

Name of the Vulnerable Software and Affected Versions: EgyPlus 7ammel aka 7ml versions 1.0.1 and earlier Description: The issue allows remote attackers to bypass authentication by providing arbitrary username and password parameters. This occurs because cpanel/login.php sends a redirect to the we...

9.8CVSS7.1AI score0.11776EPSS
Exploits1References3
seebug.org
seebug.org
added 2009/03/19 12:0 a.m.16 views

cPanel文件管理器文件名HTML注入漏洞

BUGTRAQ ID: 34142 cPanel是基于web的工具,用于自动化控制网站和服务器。 Cpanel内嵌有两个文件管理器,分别为标准和旧式文件管理器。这两个文件管理器在处理文件名时存在跨站脚本漏洞,远程攻击者可以通过创建特制的文件名注入并执行脚本。 对于旧式文件管理器,只要查看了文件列表就可以执行攻击者的代码;对于标准文件管理器,文件列表经过转义,但如果用户对恶意文件执行了删除、拷贝、移动、重新命名等任务的话,仍可能执行注入的脚本。...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2009/03/18 12:0 a.m.27 views

Cpanel File Manager Cross Site Scripting

Cpanel File Manager XSS Vulnerability Synopsis ------------- Cpanel www.cpanel.net has two file manager application, standard and legacy one to manage files. Both of them are vulnerable to XSS attack. File name is presented unescaped so that an attacker can craft malicious file name to execute...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2009/03/17 12:0 a.m.55 views

CPANEL File Manager XSS Vulnerability

Cpanel File Manager XSS Vulnerability Synopsis ------------- Cpanel www.cpanel.net has two file manager application, standard and legacy one to manage files. Both of them are vulnerable to XSS attack. File name is presented unescaped so that an attacker can craft malicious file name to execute...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2009/02/23 12:0 a.m.70 views

cPanel HTML注入和跨站脚本漏洞

BUGTRAQ ID: 33840 cPanel是基于web的工具,用于自动化控制网站和服务器。 cPanel中存在多个输入验证错误,远程攻击者可以执行脚本注入和跨站脚本攻击。 1 cPanel没有正确地过滤对用户主目录中.contactemail文件的输入,如果显示了恶意邮件就会在用户浏览器会话中注入任意HTML和脚本代码。 2 cPanel没有正确地过滤对scripts2/confdkillproc脚本的输入便返回给了用户,远程攻击者可以通过跨站脚本攻击在用户浏览器会话中执行任意HTML和脚本代码。 cPanel 11.x 厂商补丁: cPanel ------...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2009/02/15 12:0 a.m.18 views

cPanel <= 10.8.x cpwrap root exploit

No description provided by source. !/usr/bin/perl -w 10/01/06 - cPanel = 10.8.x cpwrap root exploit via mysqladmin use strict; haha oh wait.. my $cpwrap = "/usr/local/cpanel/bin/cpwrap"; my $mysqlwrap = "/usr/local/cpanel/bin/mysqlwrap"; my $pwd = pwd; chomp $pwd; $ENV'PERL5LIB' = "$pwd"; if ! -x...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/12/02 12:0 a.m.53 views

Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"

Script : Cpanel 11.x bug : language.php edite file exploit=Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass" safemode off , modsecurity off Disable functions : All NONE ,access root folder ?php / Deadly Script by Super-Crystal bypass Cpanel fantastico www.arab4services.ne...

Exploits0
Packet Storm
Packet Storm
added 2008/12/02 12:0 a.m.32 views

cpanel-bypass.txt

Script : Cpanel 11.x bug : language.php edite file exploit=Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass" safemode off , modsecurity off Disable functions : All NONE ,access root folder '; fwrite$h,$prctl; fclose$h; $handle = fopen$POST'php', "w"; fwrite$handle,...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/11/01 12:0 a.m.12 views

cpanel 11.x XSS / Local File Inclusion Vulnerability

No description provided by source. ---------------------------------------------------------------- Script : Cpanel 11.x Type : Local File Inclusion & Cross Site Scripting Risk : High ---------------------------------------------------------------- Discovered by : Khashayar Fereidani I am 17 Year...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/11/01 12:0 a.m.49 views

Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani

---------------------------------------------------------------- Script : Cpanel 11.x Type : Local File Inclusion & Cross Site Scripting Risk : High ---------------------------------------------------------------- Discovered by : Khashayar Fereidani I am 17 Years Old My Official Website :...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2008/10/31 12:0 a.m.15 views

cpanel-lfixss.txt

---------------------------------------------------------------- Script : Cpanel 11.x Type : Local File Inclusion & Cross Site Scripting Risk : High ---------------------------------------------------------------- Discovered by : Khashayar Fereidani I am 17 Years Old My Official Website :...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/10/31 12:0 a.m.11 views

cPanel 11.x - Cross-Site Scripting Local File Inclusion

cPanel 11.x - Cross-Site Scripting Local File Inclusion ---------------------------------------------------------------- Script : Cpanel 11.x Type : Local File Inclusion & Cross Site Scripting Risk : High ---------------------------------------------------------------- Discovered by : Khashayar...

0.2AI score
Exploits0
0day.today
0day.today
added 2008/10/31 12:0 a.m.19 views

cpanel 11.x XSS / Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ==================================================== cpanel 11.x XSS / Local File Inclusion Vulnerability ==================================================== ---------------------------------------------------------------- Script : Cpanel...

7.1AI score
Exploits0
Rows per page
Query Builder