Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
syscp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-0850
scripts/cronscript.php in SysCP 1.2.15 and previous versions includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP ...
Syscp Team Syscp 1.2.10
Syscp Team Syscp 1.2.15
7.2
CVSSv2
CVE-2007-0849
scripts/cronscript.php in SysCP 1.2.15 and previous versions does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a ...
Syscp Team Syscp
1 EDB exploit
7.5
CVSSv2
CVE-2005-2567
PHP remote file inclusion vulnerability in SysCP 1.2.10 and previous versions allows remote malicious users to execute arbitrary PHP code via the language parameter.
Syscp Team Syscp
7.5
CVSSv2
CVE-2005-2568
Eval injection vulnerability in the template engine for SysCP 1.2.10 and previous versions allows remote malicious users to execute arbitrary PHP code via a string containing the code within "{" and "}" (curly bracket) characters, which are processed by the PH...
Syscp Team Syscp 1.2.10
7.5
CVSSv2
CVE-2010-2476
syscp 1.4.2.1 allows malicious users to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.
Syscp Project Syscp 1.4.2.1
5
CVSSv2
CVE-2006-0132
Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 and possibly earlier allows remote malicious users to include and execute arbitrary local PHP scripts, and possibly read other types of files, via a .. (dot dot) and a trailing null in the webftp_language param...
Webftp Webftp 1.2.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started