CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote root command execution.
5a8b5c22b6f88d4b23b7a0d7443350b170fd00adeeb921e879705dd19fe1cdd5Secunia Security Advisory - Multiple vulnerabilities have been discovered in Seo Panel, which can be exploited by malicious people to conduct cross-site scripting attacks.
47386b2d12c8b3b9e6ead10b0733005e85dac06c3fc2dbf401ecb5086424e69bcPanel remote privilege escalation exploit.
b24f6c8101f34051bd7c81722b9a5d54b2d7da9c7b8a5e86dc8b9c013fb4500aTrixbox versions 2.8.0.4 and below suffer from a remote user enumeration vulnerability via the Flash Operator Panel.
5fe530b38bbe1264123805cbd691c7f4036091c2a5950c46258181987161b42aThis php script is a Plesk Panel brute forcing utility.
4f39c5c3c1f0bbfea67df3fa70f94dc5fdaef76f6e58e93fca95bb2e26d320b9Proof of concept cross site request forgery code that adds a user for cPanel versions prior to 11.25.
a024c484981bd080759beb56b4616306d09fd3038a7cbfbd27ace111d7c4bed6seoPanel version 2.2.1 suffers from cross site request forgery vulnerabilities.
1bed8389ea592df8c17d9c3bcc85c68e8aef3fbaeaaeeaca216e29edbb9b5bcdCpanel X3 version 11.28.87 suffers from a cross site scripting vulnerability.
668b877429a09753fc0687182acb6df487a2b9db0ecabdd3f2936732861f677c1024cms Admin Control Panel version 1.1.0 Beta Complete-Modules package suffers from a directory traversal vulnerability.
3be2f44cf76e5ae7fd20ecc2e29adc30229ad16974dd5ac1a6083b763d488d8e1024cms Admin Control Panel version 1.1.0 Beta Master-cPanel package suffers from cross site scripting vulnerabilities.
ee30cc9ef6e3c2fbccfc4751f4a67c2589a0bea5b4988189e37b6e9bbbb7287d1024cms Admin Control Panel version 1.1.0 Beta Complete-Modules package suffers from cross site scripting vulnerabilities.
8cf4b9bea8adf52595b36b697b381a16521a1d20af19ec4ee2bc7ebe2230c9241024cms Admin Control Panel version 1.1.0 Beta Master-cPanel package suffers from a local file inclusion vulnerability.
7975b0f9f1c6865f41f7054ad4a84e1a382158deff42c3fd8fde2fef9aa1a5d61024cms Admin Control Panel version 1.1.0 Beta Complete-Modules package suffers from local file inclusion vulnerabilities.
fa4242a228ac0874e96bc27bc2c4b836686a7cdf15990449815adda1a30be809Debian Linux Security Advisory 2179-1 - Ansgar Burchardt discovered several vulnerabilities in DTC, a web control panel for admin and accounting hosting services.
cb2a9ac58a6b2e1392a9280f47f55599a385e8fd679a98056e66cd9868fd5fc3Mandriva Linux Security Advisory 2011-035 - The tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2. The updated packages have been patched to correct this issue.
bc3061e7437994cfa1e698306aec56aba5922b6fc005b13d7fec917c016f2077Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in Seo Panel, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
4a21c12dd6dfa7b67036b60cc6b208a68b486d7ee0916e7b4c38cda2153a213aSeo Panel version 2.2.0 suffers from multiple remote SQL injection vulnerabilities.
4aeaba7c6b82354b1bb4d94a7be9784d7bdf4c44c32481a7e292675ea6477aa8AIOCP (All In One Control Panel) version 1.4.001 suffers from a cross site request forgery vulnerability.
fcdfc6903b13ffd22a8db9581e48804daaa0402b0c206c1ae3148ebca25e7176AIOCP (All In One Control Panel) version 1.4.001 remote SQL injection exploit.
2cfeca1d1569e62cc86cd3db7d5dd59073de3ab84769e38004535af3eb0d0ac5The Drupal Panels module suffers from a cross site scripting vulnerability.
aa5cfc88566f07e1009870ca9ea3e273c1b7bbcae3e506c69c86ba57bfc6bf5bSeo Panel suffers from a cookie-rendering persistent cross site scripting vulnerability.
946d257e463809754be32de45dca92ae5a1e14ead7ac7c8148d4119c0960b2faSecunia Security Advisory - A vulnerability has been reported in Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
34a6df4c63b795e06579e8b8e19b81edcd233748ea5bc1d9f303de1291277a44Secunia Security Advisory - cPanel has acknowledged some vulnerabilities in Exim, which can be exploited by malicious people to compromise a vulnerable system.
6a70abc05b2e1d1d389082b3c6f5ac008915c253d71d528838230a8d8d5e78b8Cpanel version 11.x suffers from an edit e-mail cross site request forgery vulnerability.
940b3096d64665a1eaf671726f4e0329d1ffcd416d5b545991d85db1afb8f09cThe Call for Papers for the second annual HITBSecConf in Europe is now open. Taking place from the 17th through the 20th of May at the NH Grand Krasnapolsky in Amsterdam, HITB2011AMS will be a quad-track conference line up featuring keynote speaker Joe Sullivan (Chief Security Officer of Facebook) and a special keynote panel discussion on The Economics of Vulnerabilities.
cf58e87d0c2a449f61522b9a8f6f8a34944b6a681ba5ece86b407d733ad934d1The SAP NetWeaver administrator panel from ECC version 6.0 suffers from cross site scripting vulnerabilities.
3d805721f30788cc734b4cca6025ed61f899f4240facd6d677bd99feb4a472b9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed