3955 matches found
cPanel 10.9.1 - Resname Cross-Site Scripting
cPanel 10.9.1 - Resname Cross-Site Scripting source: https://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
cPanel 10.9.1 - 'Resname' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Cross site scripting
Cross-site scripting XSS vulnerability in Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
CVE-2007-3367
Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Information disclosure
Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...
CVE-2007-3367
Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...
CVE-2007-3366
CVE-2007-3366 describes a Cross-site scripting (XSS) vulnerability in the Simple CGI Wrapper (scgiwrap) used by cPanel, affecting cPanel before 10.9.1 and 11.x before 11.4.19-R14378. The issue allows remote attackers to inject arbitrary web script or HTML via the request URI. The connected docume...
CVE-2007-3367
CVE-2007-3367 affects cPanel’s Simple CGI Wrapper (scgiwrap). The flaw allows remote information disclosure via a direct request, revealing the path in an error message. Affected products/versions: cPanel before 10.9.1 and 11.x before 11.4.19-R14378. Root cause and proof of concept details are no...
CVE-2007-3366
Cross-site scripting XSS vulnerability in Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
cPanel Remote Backup Information Disclosure
Binary data 4107.prm...
cPanel本地文件包含漏洞
cPanel是一款基于PHP的WEB应用程序。 cPanel不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是多个脚本对用户提交的WEB参数缺少过滤,提交本地系统文件作为参数数据,可导致以WEB权限查看,泄露敏感信息。 cPanel cPanel 10.9 build 134 cPanel cPanel 10.9 build 125 cPanel cPanel 10.9 目前没有解决方案提供: http://www.cpanel.net/index.html...
Path traversal
Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via 1 the userlanguage parameter to includes/loadlanguage.php or 2 the fantasticopath parameter to includes/mysqlconfig.php and...
CVE-2007-1455
Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via 1 the userlanguage parameter to includes/loadlanguage.php or 2 the fantasticopath parameter to includes/mysqlconfig.php and...
CVE-2007-1455
Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via 1 the userlanguage parameter to includes/loadlanguage.php or 2 the fantasticopath parameter to includes/mysqlconfig.php and...
CVE-2007-1455
CVE-2007-1455 describes multiple absolute path traversal vulnerabilities in Fantastico used with cPanel 10.x , where remote authenticated users can cause arbitrary local files to be included and executed through (1) the userlanguage parameter to includes/load_language.php and (2) the fantasticopa...
fantastico-lfi.txt
Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity & safemode:On & Disable functions : All NONE Vulnerable...
cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities
No description provided by source...
Fantastico In all Version Cpanel 10.x <= local File Include
Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity & safemode:On & Disable functions : All NONE Vulnerable...
cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ================================================================== cPanel = 10.9.x fantastico Local File Inclusion Vulnerabilities ================================================================== Fantastico In all Version Cpanel 10.x =...
cPanel 10.9.x - Fantastico Local File Inclusion
cPanel 10.9.x - Fantastico Local File Inclusion Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity &...