Lucene search
K

3955 matches found

Exploit DB
Exploit DB
added 2007/03/11 12:0 a.m.66 views

cPanel 10.9.x - 'Fantastico' Local File Inclusion

Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity & safemode:On & Disable functions : All NONE Vulnerable...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/03/11 12:0 a.m.17 views

cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities

No description provided by source. Fantastico In all Version Cpanel 10.x = local File Include to the Note : Preparations php.ini in Cpanel hypothetical and They also in all WebServer Must provide username And pass and login :2082 To break the strongest protection modsecurity & safemode:On & Disab...

7.1AI score
Exploits0
Prion
Prion
added 2007/02/12 11:28 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in scripts/passwdmysql in cPanel WebHost Manager WHM 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter...

4.3CVSS6.3AI score0.01765EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2007/02/12 11:28 p.m.13 views

CVE-2007-0890

Cross-site scripting XSS vulnerability in scripts/passwdmysql in cPanel WebHost Manager WHM 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter...

4.3CVSS5.9AI score0.01765EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/02/12 11:0 p.m.23 views

CVE-2007-0890

Cross-site scripting XSS vulnerability in scripts/passwdmysql in cPanel WebHost Manager WHM 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter...

5.9AI score0.01765EPSS
Exploits1References6
CVE
CVE
added 2007/02/12 11:0 p.m.67 views

CVE-2007-0890

CVE-2007-0890 is an XSS vulnerability in cPanel WebHost Manager (WHM) up to version 11.0.0, in the scripts/passwdmysql component. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the password parameter. The provided connected documents confirm the affected prod...

4.3CVSS5.9AI score0.01765EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2007/02/11 12:0 a.m.56 views

local bug :[xxs] in whm

vendor : cpanel version : all... by : s3rv3rhack3r my-web-sitez : www.hackerz.ir - ali.hackerz.ir exploit: http://dpmaon.com:2086/scripts/passwdmysql?password=xss&user=root&submit=Change+Password...

0.2AI score
Exploits0
Prion
Prion
added 2007/02/08 6:28 p.m.22 views

Remote file inclusion

Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager WHM allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used...

7.5CVSS8.1AI score0.06078EPSS
Exploits1References10
NVD
NVD
added 2007/02/08 6:28 p.m.16 views

CVE-2007-0854

Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager WHM allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used...

7.5CVSS7.5AI score0.06078EPSS
Exploits1References10
CVE
CVE
added 2007/02/08 6:0 p.m.54 views

CVE-2007-0854

CVE-2007-0854: Remote file inclusion vulnerability in scripts2/objcache of cPanel WebHost Manager (WHM). An attacker can use a URL in the obj parameter to cause arbitrary code execution or overwrite files under /var/cpanel/objcache, potentially yielding unexpected web content. Some sources note t...

7.5CVSS7.5AI score0.06078EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2007/02/08 6:0 p.m.24 views

CVE-2007-0854

Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager WHM allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used...

7.5AI score0.06078EPSS
Exploits1References10
securityvulns
securityvulns
added 2007/02/08 12:0 a.m.52 views

remote file include in whm (all version)

name : web host manager vendor : cpanel.net by : s3rv3rhack3r ali at hackerz dot ir web-site : www.hackerz.ir - ali.hackerz.ir exploit: http://domain.com:2086/scripts2/objcache?obj=http://www.hackerz.ir/?...

1.6AI score
Exploits0
exploitpack
exploitpack
added 2007/02/08 12:0 a.m.12 views

cPanel 11 - PassWDMySQL Cross-Site Scripting

cPanel 11 - PassWDMySQL Cross-Site Scripting source: https://www.securityfocus.com/bid/22474/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Exploits0
Exploit DB
Exploit DB
added 2007/02/08 12:0 a.m.24 views

cPanel 11 - PassWDMySQL Cross-Site Scripting

source: https://www.securityfocus.com/bid/22474/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
NVD
NVD
added 2006/12/15 11:28 a.m.14 views

CVE-2006-6566

PHP remote file inclusion vulnerability in includes/profilcpconstants.php in the Profile Control Panel CPanel module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...

7.5CVSS7.6AI score0.03217EPSS
Exploits0References6
CVE
CVE
added 2006/12/15 11:0 a.m.41 views

CVE-2006-6566

CVE-2006-6566 affects mxBB 0.91c, specifically the Profile Control Panel (CPanel) module. The vulnerability is a PHP remote file inclusion in includes/profilcp_constants.php that allows an attacker to execute arbitrary PHP code by supplying a URL in the module_root_path parameter. This is a remot...

7.5CVSS7.9AI score0.03217EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/12/14 6:28 p.m.19 views

CVE-2006-6548

Multiple cross-site scripting XSS vulnerabilities in cPanel WebHost Manager WHM 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to 1 scripts2/changeemail, 2 scripts2/limitbw, or 3 scripts/rearrangeacct. NOTE: the feature parameter to...

3.5CVSS5.4AI score0.00842EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/12/14 6:0 p.m.23 views

CVE-2006-6548

Multiple cross-site scripting XSS vulnerabilities in cPanel WebHost Manager WHM 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to 1 scripts2/changeemail, 2 scripts2/limitbw, or 3 scripts/rearrangeacct. NOTE: the feature parameter to...

5.4AI score0.00842EPSS
Exploits0References4
CVE
CVE
added 2006/12/14 6:0 p.m.52 views

CVE-2006-6548

The CVE-2006-6548 entry describes multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0. Affected component: WHM 3.1.0. Vulnerable vectors: the domain parameter in several scripts (scripts2/changeemail, scripts2/limitbw, scripts/rearrangeacct). The issue allows...

3.5CVSS5.4AI score0.00842EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2006/12/14 1:28 a.m.18 views

CVE-2006-6523

Cross-site scripting XSS vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote attackers to inject arbitrary web script or HTML via the account parameter...

6.8CVSS5.7AI score0.02005EPSS
Exploits1References6
Rows per page
Query Builder