ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used, which allows remote malicious users to reinstall the software and possibly cause a denial of service via a direct request to install.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zpanel zpanel 2.5_beta10 |
||
zpanel zpanel 2.0 |