Advisory ROSA-SA-2026-3208

Software: webmin 2.520 WASP: ROSA-CHROME unaffected versions = webmin-2.520-1 affected versions webmin-2.520-1 CVE-ID: CVE-2025-61541 BDU-ID: 2025-14429 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getwebminemailurl function of the Webmin hosting control panel is related to access delimitatio...

ROS-20251113-02

The Webmin hosting control panel vulnerability involves manipulating the Host header to inject a malicious domain into a password reset email. malicious domain in a password reset link email. Exploitation of the vulnerability could allow an attacker acting remotely to intercept the password reset...

EUVD-2008-6060

Malware in sbrugna...

EUVD-2007-6051

Malware in sbrugna...

EUVD-2025-24012

Malicious code in bioql PyPI...

EUVD-2025-25492

Malicious code in bioql PyPI...

Control Web Panel 操作系统命令注入漏洞

Control Web Panel is a Linux web hosting control panel. An operating system command injection vulnerability exists in Control Web Panel versions prior to 0.9.8.1205, which stems from the ttotal parameter in the filemanager changePerm request containing shell metacharacters, which could lead to...

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

EHCP Easy Hosting Control Panel 安全漏洞

EHCP Easy Hosting Control Panel is an open source web hosting control panel from EHCP. A security vulnerability exists in EHCP Easy Hosting Control Panel version 20.04.1.b. The vulnerability stems from a SQL injection in the listdomains function, which could lead to database content access or...

Easy Hosting Control Panel EHCP 安全漏洞

Easy Hosting Control Panel EHCP is a hosting control panel from Easy Hosting Control Panel, Inc. A security vulnerability exists in Easy Hosting Control Panel EHCP version v20.04.1.b, which originates from a parameter injection and could lead to an SQL injection attack...

PT-2025-33860 · Unknown · Easy Hosting Control Panel

Name of the Vulnerable Software and Affected Versions: Easy Hosting Control Panel EHCP version 20.04.1.b Description: The Easy Hosting Control Panel EHCP contains a SQL injection issue via the id parameter in the List All Email Addresses function. Recommendations: At the moment, there is no...

ROS-20240917-05

Vulnerability in the sysinfo.cgi script implementation of Webmin hosting control panel exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute an arbitrary script...

Control Web Panel 安全漏洞

Control Web Panel is a Linux web hosting control panel. A security vulnerability exists in Control Web Panel that stems from the presence of a Command Injection Local Elevation of Privilege vulnerability that could allow a remote attacker to elevate privileges on an affected installation...

Control Web Panel 安全漏洞

Control Web Panel is a Linux web hosting control panel. A security vulnerability exists in Control Web Panel that stems from a command injection remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an affected installation...

Parallels H-Sphere 跨站脚本漏洞

Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...

CentOS Web Panel Operating System Command Injection Vulnerability (CNVD-2020-44602)

CentOS Web Panel CWP is a free web hosting control panel. An operating system command injection vulnerability exists in the ajaxmodsecurity.php file in the CentOS Web Panel cwp-el7-0.9.8.891 release, which stems from a failure to properly validate user-supplied strings before executing system...

Unspecified vulnerability in cPanel (CNVD-2019-29019)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker can exploit this vulnerability to perform...

cPanel Code Execution Vulnerability (CNVD-2019-26335)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A code execution vulnerability exists in versions of cPanel prior to 64.0.21. An attacker can exploit the vulnerability to execut...

CVE-2018-6617

Easy Hosting Control Panel EHCP v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password...

CVE-2018-6361

Easy Hosting Control Panel EHCP v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account...