Lucene search
K

121 matches found

SUSE CVE
SUSE CVE
added 2025/04/23 2:37 a.m.3 views

SUSE CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS7.2AI score0.00379EPSS
Exploits1References3
OSV
OSV
added 2025/04/20 1:15 a.m.8 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS5.8AI score0.00379EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.5 views

The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers targets programming environments such as cPanel & WHM, Plesk, and DirectAdmin, running on Linux operating systems. This vulnerability allows attackers to gain increased privileges.

The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers, as well as for cPanel & WHM, Plesk, and DirectAdmin operating systems on Linux, is related to errors in link processing. Exploiting this vulnerability allows a malicious actor to...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.4 views

PT-2024-9769 · Directadmin +3 · Directadmin +5

Name of the Vulnerable Software and Affected Versions: Acronis Backup plugin for cPanel & WHM Linux versions before build 818 Acronis Backup extension for Plesk Linux versions before build 599 Acronis Backup plugin for DirectAdmin Linux versions before build 181 Description: The issue is related ...

5.5CVSS7.4AI score0.00196EPSS
Exploits0References9
OSV
OSV
added 2021/08/11 11:15 p.m.3 views

CVE-2021-38585

The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks SEC-585...

7.2CVSS5.8AI score0.01033EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/12 12:0 a.m.2 views

Awbs Advanced Webhost Billing System Cross-Site Request Forgery Vulnerability

Awbs Advanced Webhost Billing System is a Php-based web billing management system for managed hosting from Awbs USA. The platform provides web hosting and or domain name registration business services, providing an automated solution for web hosting management. A cross-site request forgery...

4.3CVSS6.9AI score0.00427EPSS
Exploits1References1
NVD
NVD
added 2021/01/08 7:15 a.m.14 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS4.8AI score0.00427EPSS
Exploits1References1
OSV
OSV
added 2021/01/08 7:15 a.m.1 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS5.8AI score0.00427EPSS
Exploits1References1
Prion
Prion
added 2021/01/08 7:15 a.m.10 views

Cross site request forgery (csrf)

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS4.9AI score0.00427EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/01/08 6:54 a.m.60 views

CVE-2020-25950

Vulnerability summary (CVE-2020-25950) : A CSRF flaw in Advanced Webhost Billing System 3.7.0 can delete a contact via the My Added Contact page. The affected component is the web application logic handling contact management; the root cause is insufficient validation of request origin for state-...

4.3CVSS4.8AI score0.00427EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/01/08 6:54 a.m.14 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.8AI score0.00427EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/01/08 12:0 a.m.8 views

Awbs Advanced Webhost Billing System 跨站请求伪造漏洞

Awbs Advanced Webhost Billing System is a Php-based web billing management system for managed hosting from Awbs USA. The platform provides web hosting and or domain name registration business services, providing an automated solution for web hosting management. A cross-site request forgery...

4.3CVSS5.7AI score0.00427EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.220 views

Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery CSRF Date: 06/01/2021 Exploit Author: Rahul Ramakant Singh Vendor Homepage: https://www.awbs.com/ Version: 3.7.0 Tested on Windows Steps: 1. Login into the application with the help of email and password. 2. Navigat...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/06 12:0 a.m.186 views

Advanced Webhost Billing System 3.7.0 Cross Site Request Forgery

Exploit Title: Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery CSRF Date: 06/01/2021 Exploit Author: Rahul Ramakant Singh Vendor Homepage: https://www.awbs.com/ Version: 3.7.0 Tested on Windows Steps: 1. Login into the application with the help of email and password. 2. Navigat...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/05/18 5:39 a.m.11 views

webhost-germany.de Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1164563 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/05/13 2:29 a.m.8 views

webhost-germany.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1159726 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.2AI score
Exploits0
Prion
Prion
added 2020/01/27 10:15 p.m.12 views

Cross site scripting

Cross-site Scripting XSS in cPanel WebHost Manager WHM 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01534EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/10/09 4:15 p.m.3 views

CVE-2019-17380

cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface SEC-528...

6.1CVSS6.4AI score0.00785EPSS
Exploits0References1
OSV
OSV
added 2019/08/06 2:15 p.m.2 views

CVE-2016-10797

cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains SEC-133...

4.3CVSS5.8AI score0.00436EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/05 12:0 a.m.2 views

cPanel Cross-Site Scripting Vulnerability (CNVD-2019-26358)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in the WHM listips interface in versions prior to cPanel 68.0.27. The...

6.1CVSS6.3AI score0.00647EPSS
Exploits0References1
Rows per page
Query Builder