cPanel SQL注入漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a SQL injection vulnerability, which stems from insufficient SQL query cleaning in the sqloptimizer tool script. If the slow...

Exploit for Missing Authentication for Critical Function in Cpanel

cPanelSniper CVE-2026-41940 — c...

Exploit for CVE-2026-41940

cPanel/WHM Auth Bypass Scanner & Exploit Tool A Go command-li...

EUVD-2026-26246

cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

Thinking Beyond Price: What Tech Teams Should Look for in a Hosting Provider

Discover why reliability, scalability, and local support matter more than cost when choosing Australian web hosting for your tech stack...

EUVD-2008-6900

Malware in sbrugna...

EUVD-2006-1411

Malware in sbrugna...

EUVD-2014-4592

Malware in sbrugna...

EUVD-2008-6615

Malware in sbrugna...

EUVD-2014-9816

Malware in sbrugna...

EUVD-2014-4617

Malware in sbrugna...

UAT-7237 targets Taiwanese web hosting infrastructure

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat APT group active since at least 2022, which has significant overlaps with UAT-5918. UAT-7237 conducted a recent intrusion targeting web infrastructure entities within Taiwan and relies heavily on the use of open-source...

zpanelx 安全漏洞

zpanelx is an open source web hosting control panel from The ZPanel Project. A security vulnerability exists in zpanelx version 10.0.0.2, which stems from insufficient input cleanup in the htpasswd module and could lead to remote code execution...

PT-2025-31543 · Undefined · Undefined

An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel developed by LXCenter prior to version 6.1.12. The flaw resides in the login-name parameter passed to lbin/webcommand.php, which fails to properly sanitize input, allowing an attacker to extract the...

SUSE CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

UBUNTU-CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

UBUNTU-CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

Malicious code in 000webhost-connect (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 725d2bf04ddf915f303fabf69710fc72dda0ebbd3d770b0d799f7cba032c98eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

How to Migrate Your Ecommerce Web Hosting Stack From OpenStack to Linode

...

Malicious code in webhosting (PyPI)

--- -= Per source details. Do not edit below this line.=-...