[Full-disclosure] cPanel 10 File Editing Vulnerability

2006-02-05T00:00:00
ID SECURITYVULNS:DOC:11304
Type securityvulns
Reporter Securityvulns
Modified 2006-02-05T00:00:00

Description

In cPanel 10, the script "erredit.html," which is supposed to edit a specific set of files, can edit any file acessible by the cPanel.

Example: http://www.example.com:2082/frontend/x/err/erredit.html?dir=public_html/&file=index.php