4 matches found
CVE-2003-1426
Openwebmail in cPanel 5.0 (when run with suid Perl) writes the SCRIPT_FILENAME directory into Perl's @INC, enabling local users to run arbitrary code by pointing SCRIPT_FILENAME to a directory containing a malicious openwebmail-shared.pl. This CVE (CVE-2003-1426) describes a local-privilege-vecto...
CVE-2003-1425
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter...
CVE-2003-1426
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPTFILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPTFILENAME to reference a directory containing a malicious openwebmail-shared.pl...
CVE-2003-1425
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter...