Lucene search
K

3955 matches found

securityvulns
securityvulns
added 2006/11/14 12:0 a.m.54 views

CPanel Multiple Cross Site Scription

Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory : http://aria-security.net/advisory/cpanel.txt ----------------------------------------------------------- Software: CPanel Tested On CPanel 10 CPanel file Manager: PoC:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2006/11/13 12:0 a.m.12 views

cPanel 10 - seldir.html?dir Cross-Site Scripting

cPanel 10 - seldir.html?dir Cross-Site Scripting source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/11/13 12:0 a.m.11 views

cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities

cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/13 12:0 a.m.20 views

cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/13 12:0 a.m.20 views

cPanel 10 - 'seldir.html?dir' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
NVD
NVD
added 2006/10/26 5:7 p.m.15 views

CVE-2006-5535

Multiple cross-site scripting XSS vulnerabilities in WebHostManager WHM 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the 1 theme parameter to scripts/dosetmytheme and the 2 template parameter to scripts2/editzonetemplate...

4.3CVSS5.8AI score0.0194EPSS
Exploits1References6
CVE
CVE
added 2006/10/26 5:0 p.m.47 views

CVE-2006-5535

CVE-2006-5535 describes multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 and related cPanel 10.9.0 R50. The flaws allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and (2) template parameter to scrip...

4.3CVSS6AI score0.0194EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2006/10/26 12:0 a.m.58 views

WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability

WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability By CrackersChild crackerschild at sibersavascilar dot com email concealed www.sibersavacilar.com Exploit site.com:2082/scripts/dosetmytheme?theme=XssCodes site.com:2082/scripts2/editzonetemplate?template=XssCodes Examples...

2.6AI score
Exploits0
Packet Storm
Packet Storm
added 2006/10/25 12:0 a.m.22 views

cPanel10.9.0R50.txt

WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability By CrackersChild [email protected] www.sibersavacilar.com Exploit site.com:2082/scripts/dosetmytheme?theme=XssCodes site.com:2082/scripts2/editzonetemplate?template=XssCodes Examples...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/10/23 12:0 a.m.15 views

cPanel 10.9 - dosetmytheme?theme Cross-Site Scripting

cPanel 10.9 - dosetmytheme?theme Cross-Site Scripting source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/10/23 12:0 a.m.9 views

cPanel 10.9 - editzonetemplate?template Cross-Site Scripting

cPanel 10.9 - editzonetemplate?template Cross-Site Scripting source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/23 12:0 a.m.20 views

cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/23 12:0 a.m.19 views

cPanel 10.9 - 'editzonetemplate?template' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20683/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/10/13 12:0 a.m.21 views

cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)

No description provided by source. !- for use old cpanel exploit http://www.milw0rm.com/exploits/2466 you need have !- bash shell access on victim server but with this new exploit you only need !- to upload php file and run this into browser on victim servers. !- then you have root Access and you...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/10/13 12:0 a.m.31 views

cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)

Exploit for unknown platform in category local exploits ================================================================= cPanel cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef =...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/13 12:0 a.m.78 views

cPanel 10.8.x - &#039;cpwrap&#039; via MySQLAdmin Privilege Escalation

cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef = @iniget"disablefunctions"; if !empty$disablef $disablef = strreplace" ","",$disablef; $disablef = explode",",$disablef; if inarray"passthru",$disablef...

7AI score
Exploits0
exploitpack
exploitpack
added 2006/10/13 12:0 a.m.16 views

cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation (PHP)

cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation PHP cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef = @iniget"disablefunctions"; if !empty$disablef $disablef = strreplace" ","",$disablef;...

1.4AI score
Exploits0
0day.today
0day.today
added 2006/10/13 12:0 a.m.34 views

cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)

Exploit for unknown platform in category web applications ================================================================= cPanel cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef =...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/10/09 12:0 a.m.27 views

cpanel108x.txt

!/usr/bin/perl -w 10/01/06 - cPanel if/REMOTEUSER/ die "$cpwrap is patched.\n"; close CPWRAP; open STRICT, "strict.pm" or die "Can't open strict.pm: $!\n"; print STRICT "$e = "int mainsetreuid0,0;setregid0,0;system\\\"/bin/bash\\\";";\n"; print STRICT "system"/bin/echo -n...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/10/04 12:0 a.m.23 views

cpexploit.txt

All cPanel versions which were released before August 23rd are vulnerable to a local root exploit. Exact version numbers are unclear. Doing a "ls -l /usr/local/cpanel/version" is a good way to determine the last time cPanel was updated. This exploit made the news when it was used to circulate an ...

7.4AI score
Exploits0
Rows per page
Query Builder