3955 matches found
CPanel Multiple Cross Site Scription
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory : http://aria-security.net/advisory/cpanel.txt ----------------------------------------------------------- Software: CPanel Tested On CPanel 10 CPanel file Manager: PoC:...
cPanel 10 - seldir.html?dir Cross-Site Scripting
cPanel 10 - seldir.html?dir Cross-Site Scripting source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities
cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...
cPanel 10 - 'seldir.html?dir' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...
CVE-2006-5535
Multiple cross-site scripting XSS vulnerabilities in WebHostManager WHM 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the 1 theme parameter to scripts/dosetmytheme and the 2 template parameter to scripts2/editzonetemplate...
CVE-2006-5535
CVE-2006-5535 describes multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 and related cPanel 10.9.0 R50. The flaws allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and (2) template parameter to scrip...
WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability
WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability By CrackersChild crackerschild at sibersavascilar dot com email concealed www.sibersavacilar.com Exploit site.com:2082/scripts/dosetmytheme?theme=XssCodes site.com:2082/scripts2/editzonetemplate?template=XssCodes Examples...
cPanel10.9.0R50.txt
WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability By CrackersChild [email protected] www.sibersavacilar.com Exploit site.com:2082/scripts/dosetmytheme?theme=XssCodes site.com:2082/scripts2/editzonetemplate?template=XssCodes Examples...
cPanel 10.9 - dosetmytheme?theme Cross-Site Scripting
cPanel 10.9 - dosetmytheme?theme Cross-Site Scripting source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...
cPanel 10.9 - editzonetemplate?template Cross-Site Scripting
cPanel 10.9 - editzonetemplate?template Cross-Site Scripting source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...
cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...
cPanel 10.9 - 'editzonetemplate?template' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...
cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
No description provided by source. !- for use old cpanel exploit http://www.milw0rm.com/exploits/2466 you need have !- bash shell access on victim server but with this new exploit you only need !- to upload php file and run this into browser on victim servers. !- then you have root Access and you...
cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
Exploit for unknown platform in category local exploits ================================================================= cPanel cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef =...
cPanel 10.8.x - 'cpwrap' via MySQLAdmin Privilege Escalation
cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef = @iniget"disablefunctions"; if !empty$disablef $disablef = strreplace" ","",$disablef; $disablef = explode",",$disablef; if inarray"passthru",$disablef...
cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation (PHP)
cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation PHP cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef = @iniget"disablefunctions"; if !empty$disablef $disablef = strreplace" ","",$disablef;...
cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
Exploit for unknown platform in category web applications ================================================================= cPanel cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef =...
cpanel108x.txt
!/usr/bin/perl -w 10/01/06 - cPanel if/REMOTEUSER/ die "$cpwrap is patched.\n"; close CPWRAP; open STRICT, "strict.pm" or die "Can't open strict.pm: $!\n"; print STRICT "$e = "int mainsetreuid0,0;setregid0,0;system\\\"/bin/bash\\\";";\n"; print STRICT "system"/bin/echo -n...
cpexploit.txt
All cPanel versions which were released before August 23rd are vulnerable to a local root exploit. Exact version numbers are unclear. Doing a "ls -l /usr/local/cpanel/version" is a good way to determine the last time cPanel was updated. This exploit made the news when it was used to circulate an ...