15 matches found
EUVD-2006-1411
Malware in sbrugna...
SUSE CVE-2025-43919
GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...
CVE-2020-15612 — CentOS Web Panel Authentication Bypass/RCE
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. When parsing the userLogin parameter, the process...
CVE-2017-18481
cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface SEC-211...
Bash Vulnerability Exploits Dropping DDoS Bots
A honeypot run by researchers at AlienVault Labs has snared two separate pieces of malware attempting to exploit the Bash vulnerability. One sample is a repurposed IRC bot written in Perl that is trying to build a botnet to be used in distributed denial of service attacks DDoS, said Jaime Blasco,...
PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion...
Multi CSRF vulnerability in DirectAdmin (1.34.4)
Exploit for unknown platform in category web applications ================================================ Multi CSRF vulnerability in DirectAdmin 1.34.4 ================================================ ============================================================================= Title : Multi CS...
CVE-2006-5984
Multiple cross-site scripting XSS vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the 1 txtCompanyName, 2 txtEmail, or 3 txtUserAccNum parameter to a users.asp, or the 4 setThemeColour parameter to b default.asp ...
CVE-2006-5984
Helm Web Hosting Control Panel 3.2.10 is affected by CVE-2006-5984: multiple XSS weaknesses in the Admin, Reseller, and User levels. The vectors include user input in (1) txtCompanyName, (2) txtEmail, (3) txtUserAccNum to users.asp; (4) setThemeColour to default.asp (Reseller/Admin) and (5) setTh...
CVE-2006-5984
Multiple cross-site scripting XSS vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the 1 txtCompanyName, 2 txtEmail, or 3 txtUserAccNum parameter to a users.asp, or the 4 setThemeColour parameter to b default.asp ...
CVE-2006-1407
CVE-2006-1407 concerns multiple cross-site scripting (XSS) flaws in Helm Web Hosting Control Panel 3.2.10 and earlier. The affected components are domains.asp (txtDomainName) and default.asp (SearchText, UserLevel) where user-controlled inputs can inject arbitrary script/HTML. The practical impac...
Helm Web Hosting Control Panel XSS vuln.
Helm Web Hosting Control Panel XSS vuln. Vuln. discovered by : r0t Date: 27 march 2006 vendor:http://www.webhostautomation.com/ affected versions:3.2.10 and prior orginal advisory: http://pridels.blogspot.com/2006/03/helm-web-hosting-control-panel-xss.html Vuln. description: Helm Web Hosting...
[Full-Disclosure] cPanel symlink chmod issue
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: cPanel Vendor URL: http://www.cpanel.net Author: Karol Wisek [email protected] Date: September 30, 2004 Issue: cPanel allows logged in users to change permission of any file to 755. Description: cPanel is a next generation web hosting...
More Cpanel Vuls (cross site scripting)
Advisory Name: More Cpanel Vuls cross site scripting Discovered by: Fable Greets: 0x29A Crew, !AM Crew, Atomix, d3thstar, mgrd, rootthief.com. Version Tested On: cPanel Build 9.1.0-STABLE 93 Most likely effects more Description cPanel & WebHost Manager WHM is a next generation web hosting control...
Cpanel 5 and below remote command execution and local root vulnerabilities
Products: Cpanel 5 and below http://www.cpanel.net Date: 19th February 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: sk skatscan-associates.net shaharil shaharilatscan-associates.net Special thanks: Skywizard skywizardatmybsd.org.my Description =========== Cpanel is web hostin...