Lucene search
K

3955 matches found

exploitpack
exploitpack
added 2007/07/24 12:0 a.m.10 views

cPanel 10.9.1 - Resname Cross-Site Scripting

cPanel 10.9.1 - Resname Cross-Site Scripting source: https://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Exploits0
Exploit DB
Exploit DB
added 2007/07/24 12:0 a.m.28 views

cPanel 10.9.1 - 'Resname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Prion
Prion
added 2007/06/22 6:30 p.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

4.3CVSS6AI score0.01033EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/06/22 6:30 p.m.21 views

CVE-2007-3367

Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...

7.8CVSS6.1AI score0.01426EPSS
Exploits0References4
Prion
Prion
added 2007/06/22 6:30 p.m.18 views

Information disclosure

Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...

7.8CVSS6.6AI score0.01426EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/06/22 6:0 p.m.27 views

CVE-2007-3367

Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...

6.1AI score0.01426EPSS
Exploits0References4
CVE
CVE
added 2007/06/22 6:0 p.m.51 views

CVE-2007-3366

CVE-2007-3366 describes a Cross-site scripting (XSS) vulnerability in the Simple CGI Wrapper (scgiwrap) used by cPanel, affecting cPanel before 10.9.1 and 11.x before 11.4.19-R14378. The issue allows remote attackers to inject arbitrary web script or HTML via the request URI. The connected docume...

4.3CVSS5.6AI score0.01033EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/06/22 6:0 p.m.53 views

CVE-2007-3367

CVE-2007-3367 affects cPanel’s Simple CGI Wrapper (scgiwrap). The flaw allows remote information disclosure via a direct request, revealing the path in an error message. Affected products/versions: cPanel before 10.9.1 and 11.x before 11.4.19-R14378. Root cause and proof of concept details are no...

7.8CVSS6.1AI score0.01426EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/06/22 6:0 p.m.24 views

CVE-2007-3366

Cross-site scripting XSS vulnerability in Simple CGI Wrapper scgiwrap in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

5.6AI score0.01033EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/06/22 12:0 a.m.16 views

cPanel Remote Backup Information Disclosure

Binary data 4107.prm...

7.8CVSS7.3AI score0.01426EPSS
Exploits0References3
seebug.org
seebug.org
added 2007/03/15 12:0 a.m.24 views

cPanel本地文件包含漏洞

cPanel是一款基于PHP的WEB应用程序。 cPanel不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是多个脚本对用户提交的WEB参数缺少过滤,提交本地系统文件作为参数数据,可导致以WEB权限查看,泄露敏感信息。 cPanel cPanel 10.9 build 134 cPanel cPanel 10.9 build 125 cPanel cPanel 10.9 目前没有解决方案提供: http://www.cpanel.net/index.html...

7.1AI score
Exploits0
Prion
Prion
added 2007/03/14 6:19 p.m.18 views

Path traversal

Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via 1 the userlanguage parameter to includes/loadlanguage.php or 2 the fantasticopath parameter to includes/mysqlconfig.php and...

9CVSS7.5AI score0.06601EPSS
Exploits0References4
NVD
NVD
added 2007/03/14 6:19 p.m.19 views

CVE-2007-1455

Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via 1 the userlanguage parameter to includes/loadlanguage.php or 2 the fantasticopath parameter to includes/mysqlconfig.php and...

9CVSS7AI score0.06601EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/03/14 6:0 p.m.26 views

CVE-2007-1455

Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via 1 the userlanguage parameter to includes/loadlanguage.php or 2 the fantasticopath parameter to includes/mysqlconfig.php and...

7AI score0.06601EPSS
Exploits0References4
CVE
CVE
added 2007/03/14 6:0 p.m.48 views

CVE-2007-1455

CVE-2007-1455 describes multiple absolute path traversal vulnerabilities in Fantastico used with cPanel 10.x , where remote authenticated users can cause arbitrary local files to be included and executed through (1) the userlanguage parameter to includes/load_language.php and (2) the fantasticopa...

9CVSS7AI score0.06601EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2007/03/14 12:0 a.m.23 views

fantastico-lfi.txt

Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity & safemode:On & Disable functions : All NONE Vulnerable...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/03/12 12:0 a.m.11 views

cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/12 12:0 a.m.61 views

Fantastico In all Version Cpanel 10.x &lt;= local File Include

Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity & safemode:On & Disable functions : All NONE Vulnerable...

0.6AI score
Exploits0
0day.today
0day.today
added 2007/03/11 12:0 a.m.53 views

cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== cPanel = 10.9.x fantastico Local File Inclusion Vulnerabilities ================================================================== Fantastico In all Version Cpanel 10.x =...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/11 12:0 a.m.12 views

cPanel 10.9.x - Fantastico Local File Inclusion

cPanel 10.9.x - Fantastico Local File Inclusion Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity &...

7.4AI score
Exploits0
Rows per page
Query Builder