260 matches found
Researcher Builds Parler Archive Amid Amazon Suspension
A security researcher said she has scraped and is archiving 99 percent of Parler’s public posts, as the social-media network goes offline following suspensions from Amazon, Apple and Google. Archived content includes public posts from the social-media site. These posts reportedly included Parler...
ISPConfig SQL Injection Vulnerability (CNVD-2021-02036)
ISPConfig is an open source web hosting management program for Linux with a Web control panel , you can use the Web control panel to manage web hosting , open a website , open a mailbox , open and manage mysql databases , support for DNS resolution and monitor the server's operating conditions an...
2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software
cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication 2FA protection on an account. The issue, tracked as "SEC-575" and discovered...
The Now-Defunct Firms Behind 8chan, QAnon
Some of the worlds largest Internet firms have taken steps to crack down on disinformation spread by QAnon conspiracy theorists and the hate-filled anonymous message board 8chan. But according to a California-based security researcher, those seeking to de-platform these communities may have...
CVE-2020-26113
cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces SEC-569...
CentOS Web Panel Operating System Command Injection Vulnerability (CNVD-2020-44602)
CentOS Web Panel CWP is a free web hosting control panel. An operating system command injection vulnerability exists in the ajaxmodsecurity.php file in the CentOS Web Panel cwp-el7-0.9.8.891 release, which stems from a failure to properly validate user-supplied strings before executing system...
CVE-2020-15612 — CentOS Web Panel Authentication Bypass/RCE
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. When parsing the userLogin parameter, the process...
Plesk/myLittleAdmin - ViewState .NET Deserialization Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...
Plesk/myLittleAdmin ViewState .NET Deserialization
This module exploits a ViewState .NET deserialization vulnerability in web-based MS SQL Server management tool myLittleAdmin, for version 3.8 and likely older versions, due to hardcoded parameters in the web.config file for ASP.NET. Popular web hosting control panel Plesk offers myLittleAdmin as ...
DigitalOcean Data Leak Incident Exposed Some of Its Customers Data
DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties. Though the hosting company has not yet publicly released a statement, it did has started warning...
BlueOnyx 5209R Cross-Site Request Forgery Vulnerability
BlueOnyx 5209R is an open source web hosting solution. The product includes email, DNS and file transfer services, among others. A cross-site request forgery vulnerability exists in the /login URI in BlueOnyx 5209R. The vulnerability stems from a WEB application that does not adequately validate...
GoDaddy suffers data breach after hackers access SSH accounts
By Deeba Ahmed GoDaddy Admits Data Breach Affecting Web Hosting Account Credentials of Unknown Number of Customers. This is a post from HackRead.com Read the original post: GoDaddy suffers data breach after hackers access SSH accounts...
SQL Injection Vulnerability in Star Outlook Web Hosting Management System
Star Outlook Web Hosting Management System is the most secure and fully automated web hosting management system. The StarWorld Web Hosting Management System has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
What Brings The Essence Of Secured Web Hosting
By Uzair Amir Here's why secure hosting is a must! This is a post from HackRead.com Read the original post: What Brings The Essence Of Secured Web Hosting...
Ransomware Attack Downs Hosting Service SmarterASP.NET
SmarterASP.NET, a popular web hosting provider with more than 440,480 customers, has been hit with a ransomware attack that took down its customers’ websites that were hosted by the company. The company on Monday said it is in the process of recovering impacted data. SmarterASP.NET offers shared...
The Role of Human Error in Cyberattacks
One surefire way to guarantee cybersecurity is to restrict access to or stay off the internet. Unfortunately, this isn’t a feasible option, since the internet is such a crucial part of day-to-day life. As such, companies work to protect their data with endpoint security, selecting reputable web...
Unspecified vulnerability in cPanel (CNVD-2019-29019)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker can exploit this vulnerability to perform...
cPanel cross-site scripting vulnerability (CNVD-2019-29020)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in WHM Edit System Mail Preferences in versions prior to cPanel 55.9999.141. The vulnerability...
cPanel Information Disclosure Vulnerability (CNVD-2019-28994)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An information disclosure vulnerability exists in the WHM 'Purchase and Install an SSL Certificate' page in cPanel versions prior...
Unspecified vulnerability in cPanel (CNVD-2019-27417)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 60.0.15. An attacker could exploit this vulnerability to cause a...