38 matches found
EUVD-2007-0847
Malware in sbrugna...
EUVD-2006-0140
Malware in sbrugna...
EUVD-2005-2569
Malware in sbrugna...
EUVD-2005-2568
Malware in sbrugna...
EUVD-2007-0846
Malware in sbrugna...
CVE-2010-2476
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot...
CVE-2010-2476
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot...
CVE-2010-2476
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot...
CVE-2010-2476
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot...
CVE-2010-2476
CVE-2010-2476 affects syscp 1.4.2.1. The vulnerability allows an attacker to add arbitrary paths via the documentroot of a domain by appending a colon to it and configuring the open_basedir path to use that domain’s documentroot, enabling path manipulation. The provided documents indicate potenti...
SysCP 1.2.x Multiple Script Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14490/info SysCP is affected by multiple script execution vulnerabilities. The following specific vulnerabilities were identified: The application is affected by a remote file include vulnerability. An attacker can includ...
SYSCP 1.2.15 System Control Panel CronJob Arbitrary Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22453/info SysCP is prone to an arbitrary code-execution vulnerability. An attacker can exploit this issue to execute arbitrary commands with superuser privileges, resulting in the compromise of the computer. NOTE: To...
Code injection
scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panelcronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename...
CVE-2007-0850
scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panelcronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename...
Directory traversal
scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability tha...
CVE-2007-0849
scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability tha...
CVE-2007-0850
scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panelcronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename...
CVE-2007-0850
CVE-2007-0850 affects SysCP up to version 1.2.15. The flaw resides in scripts/cronscript.php, which can include and execute arbitrary PHP scripts listed in the panel_cronscript table. An attacker with database write privileges can inject a PHP filename into that table to achieve arbitrary code ex...
CVE-2007-0849
SysCP 1.2.15 and earlier is affected by CVE-2007-0849: a local privilege escalation caused by improper quoting of pathnames in user home directories. An attacker can place shell metacharacters in a directory name and then use the control panel to protect that directory to gain privileges. This is...
CVE-2007-0849
scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability tha...