Lucene search
K

3955 matches found

Packet Storm
Packet Storm
added 2008/10/31 12:0 a.m.16 views

cpanel-lfixss.txt

---------------------------------------------------------------- Script : Cpanel 11.x Type : Local File Inclusion & Cross Site Scripting Risk : High ---------------------------------------------------------------- Discovered by : Khashayar Fereidani I am 17 Years Old My Official Website :...

7.4AI score
Exploits0
Prion
Prion
added 2008/09/23 3:25 p.m.12 views

Directory traversal

Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot or absolute pathname in the...

6.8CVSS7.3AI score0.02807EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2008/09/23 3:0 p.m.16 views

CVE-2008-4181

Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot or absolute pathname in the...

6.8AI score0.02807EPSS
Exploits0References6
CVE
CVE
added 2008/09/23 3:0 p.m.52 views

CVE-2008-4181

The CVE-2008-4181 vulnerability affects the Netenberg Fantastico De Luxe module for cPanel (before 2.10.4 r19). It is a directory traversal in includes/xml.php that allows remote authenticated users to include and execute arbitrary local files via the fantasticopath parameter, using .. or absolut...

6.8CVSS6.9AI score0.02807EPSS
Exploits0References6Affected Software1
0day.today
0day.today
added 2008/09/21 12:0 a.m.20 views

6rbScript 3.3 (singerid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =========================================================== 6rbScript 3.3 singerid Remote SQL Injection Vulnerability =========================================================== || | | 6rbScript V3.3 singerid Remote SQL Injection...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/09/16 12:0 a.m.15 views

Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/15 12:0 a.m.39 views

cpanel-lfi.txt

Fantastico In all Version Cpanel 11.x First Create directory Let the name /includes/ and upload Shell.php in /includes/ Then rename it to enclicensingservers.php :::xploit:::: http://xxx.com:2082/frontend/x/fantastico/includes/xml.php?fantasticopath=/home/user Discoverd By : joker1 for info :...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/09/14 12:0 a.m.27 views

Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)

Exploit for unknown platform in category web applications ========================================================== Cpanel First Create directory Let the name /includes/ and upload Shell.php in /includes/ Then rename it to enclicensingservers.php :::xploit::::...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/09/14 12:0 a.m.29 views

cPanel 11.x - Fantastico Local File Inclusion

cPanel 11.x - Fantastico Local File Inclusion Fantastico In all Version Cpanel 11.x First Create directory Let the name /includes/ and upload Shell.php in /includes/ Then rename it to enclicensingservers.php :::xploit::::...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/09/14 12:0 a.m.63 views

cPanel 11.x - &#039;Fantastico&#039; Local File Inclusion

Fantastico In all Version Cpanel 11.x First Create directory Let the name /includes/ and upload Shell.php in /includes/ Then rename it to enclicensingservers.php :::xploit:::: http://xxx.com:2082/frontend/x/fantastico/includes/xml.php?fantasticopath=/home/user Discoverd By : joker1 for info :...

7.4AI score
Exploits0
Prion
Prion
added 2008/05/28 3:32 p.m.14 views

Code injection

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field aka Email text box. NOTE: the vendor disputes this, stating "I'm unable to...

8.5CVSS7.7AI score0.04213EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2008/05/28 3:32 p.m.20 views

CVE-2008-2478

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field aka Email text box. NOTE: the vendor disputes this, stating "I'm unable to...

8.5CVSS7.4AI score0.04213EPSS
Exploits1References5
Cvelist
Cvelist
added 2008/05/28 3:0 p.m.21 views

CVE-2008-2478

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field aka Email text box. NOTE: the vendor disputes this, stating "I'm unable to...

7.4AI score0.04213EPSS
Exploits1References5
CVE
CVE
added 2008/05/28 3:0 p.m.50 views

CVE-2008-2478

CVE-2008-2478 affects cPanel under scripts/wwwacct (versions 11.18.6 STABLE and earlier, and 11.23.1 CURRENT and earlier). The issue allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field, enabling code execution th...

8.5CVSS7.4AI score0.04213EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2008/05/28 12:0 a.m.3 views

PT-2008-3935 · Cpanel · Cpanel

Name of the Vulnerable Software and Affected Versions: cPanel versions 11.18.6 and earlier, 11.23.1 and earlier Description: The issue allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field. The vendor disputes this...

8.5CVSS7.5AI score0.04213EPSS
Exploits1References9
securityvulns
securityvulns
added 2008/05/20 12:0 a.m.44 views

Cpanel all version &gt;&gt; root access with a reseller account.

By : Ali Jasbi IHST security & hacking Research team WwW.Hackerz.ir Vendor : Cpanel.net Version : ALL !! Risk : Very high What u can do with this bug is : u can have a access to all the server with reseller privilege Th3 r00t how it's work ? when u want to create an account in shell what will...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2008/05/19 12:0 a.m.14 views

cPanel 11.21 - wwwact Privilege Escalation

cPanel 11.21 - wwwact Privilege Escalation source: https://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/19 12:0 a.m.27 views

cPanel 11.21 - &#039;wwwact&#039; Privilege Escalation

source: https://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the affected application and execute malicious PHP...

7AI score
Exploits0
seebug.org
seebug.org
added 2008/05/14 12:0 a.m.88 views

cPanel跨站脚本和跨站请求伪造漏洞

BUGTRAQ ID: 29125 CVECAN ID: CVE-2008-2070,CVE-2008-2071 cPanel是基于web的工具,用于自动化控制网站和服务器。 cPanel的WHM接口允许用户管理和访问cPanel及WHM软件包的核心。这个接口没有正确地防范跨站脚本和跨站请求伪造攻击,允许远程攻击者通过提交恶意请求在服务器上执行任意代码。 所有管理用户输入的函数都存在跨站脚本漏洞,以下为部分有漏洞的函数列表: Knowlege Base(/scripts2/knowlegebase?issue=INJECTION&domain=) Change Ip to...

4.3CVSS6.4AI score0.02183EPSS
Exploits3
Prion
Prion
added 2008/05/12 4:20 p.m.26 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors...

4.3CVSS7.3AI score0.00674EPSS
Exploits2References8Affected Software1
Rows per page
Query Builder