The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

Multi-ecosystem supply chain compromise by TeamPCP targets GitHub, NPM, and VSCode to steal credentials and establish persistence...

cPanel SQL注入漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a SQL injection vulnerability, which stems from insufficient SQL query cleaning in the sqloptimizer tool script. If the slow...

WebPros WHMCS 安全漏洞

WebPros WHMCS is a customer management and automated billing platform provided by the Swiss company WebPros, aimed at hosting providers and domain service providers. There is a security vulnerability in WebPros WHMCS, which stems from insufficient ownership checks in the clientarea.php file. This...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

CVE-2022-31185

mprweb is a hosting platform for the makedeb Package Repository. Email addresses were found to not have been hidden, even if a user had clicked the Hide Email Address checkbox on their account page, or during signup. This could lead to an account's email being leaked, which may be problematic if...

GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories

GitHub on Thursday announced that it's enabling secret scanning push protection by default for all pushes to public repositories. "This means that when a supported secret is detected in any push to a public repository, you will have the option to remove the secret from your commits or, if you dee...

GitHub Announces Free Secret Scanning for All Public Repositories

GitHub on Thursday said it is making available its secret scanning service to all public repositories on the code hosting platform for free. "Secret scanning alerts notify you directly about leaked secrets in your code," the company said, adding it's expected to complete the rollout by the end of...

CVE-2022-31185

mprweb is a hosting platform for the makedeb Package Repository. Email addresses were found to not have been hidden, even if a user had clicked the Hide Email Address checkbox on their account page, or during signup. This could lead to an account's email being leaked, which may be problematic if...

Design/Logic Flaw

mprweb is a hosting platform for the makedeb Package Repository. Email addresses were found to not have been hidden, even if a user had clicked the Hide Email Address checkbox on their account page, or during signup. This could lead to an account's email being leaked, which may be problematic if...

CVE-2022-31185

CVE-2022-31185 affects the mprweb hosting platform (makedeb Package Repository). The issue is an information-disclosure where email addresses were not hidden as configured, potentially leaking user emails. The vulnerability is mitigated for official mprweb instances, while self-hosted deployments...

CVE-2022-20726

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

Foxlor Cross-Site Scripting Vulnerability

Foxlor is This open source GPL panel was developed by experienced server administrators to simplify the job of managing hosting platforms. A security vulnerability exists in Foxlor, which can be exploited by an attacker to execute arbitrary web script or HTML by entering a payload in the name,...

Unspecified vulnerability in cPanel (CNVD-2019-27417)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 60.0.15. An attacker could exploit this vulnerability to cause a...

cPanel Input Validation Error Vulnerability (CNVD-2019-27602)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel versions prior to 60.0.25. The vulnerability can be exploited by an attacker to execute...

cPanel Security Feature Issue Vulnerability (CNVD-2019-29632)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 62.0.4. No detailed vulnerability details are provided at this time...

cPanel Input Validation Error Vulnerability (CNVD-2019-33874)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in cPanel. An attacker can exploit this vulnerability to execute code in the conte...

cPanel cross-site scripting vulnerability (CNVD-2019-33871)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel. An attacker can exploit this vulnerability to execute client-side code...

cPanel Formatting String Error Vulnerability (CNVD-2019-33887)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A formatting string error vulnerability exists in cPanel. Detailed vulnerability details are not available at this time...

kloxo 5.75 (24 issues) Multiple Vulnerabilities

No description provided by source. Who : http://lxlabs.com What : kloxo Kloxo Previously Lxadmin The most flexible software on this planet. From Kloxo HostInaBox, World's lightest and the most efficient webhosting platform, to Kloxo Enterprise, which can manage 100s of thousands of domains on...

LxCenter Kloxo Detection

This host is running LxCenter Kloxo. Kloxo is a fully scriptable hosting platform. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...