6 matches found
CVE-2026-41230
Froxlor is open source server administration software. Prior to version 2.3.6, DomainZones::add accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the content field. When a DNS type not covered by the if/elseif validation chain is submitted e.g.,...
bind security update
An update is available for bind. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...
Froxlor has a BIND Zone File Injection via Unsanitized DNS Record Content in DomainZones::add()
Summary DomainZones::add accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the content field. When a DNS type not covered by the if/elseif validation chain is submitted e.g., NAPTR, PTR, HINFO, content validation is entirely bypassed. Embedded...
CVE-2018-20933
cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action SEC-410...
CVE-2018-20915
cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action SEC-369...
Internet Explorer CSS Special Character Information Disclosure (MS10-071; CVE-2010-3325)
CSS Cascading Style Sheets is a formatting method for Web pages using HTML. An information disclosure vulnerability has been reported in the way Microsoft Internet Explorer processes CSS special characters. The vulnerability is due to the way Internet Explorer improperly process CSS special...