[BUGTRAQ] Few remote bugs in zPanel
Hello,
Few bugs have been discovered (accidently) in zPanel.
Developers were notified on 07.March but I have not received any
response.
Best regards, Mikhail.
-------------------------------------------------------------
[Product Description]
"ZPanel is a hosting control interface developed for both Windows and
Linux hosts.
We will soon be developing two different distributions to fit the needs of
both
platforms."
Tested:
ZPanel has been tested on the following server operating systems:
Windows Linux
2000 Advanced Server Fedora 2
2000 Server FreeBSD 4.9, 5.2.1
2003 Enterprise Server Mandrake 9.1, 9.2
XP RedHat 7.3, 9
Versions:
Stable - ZPanel v2.0
Latest Beta - ZPanel v2.5b10
[Summary]
Successful exploitation of an input validation vulnerability in ZPanel
scripts
allows attackers to execute SQL commands, include remote and local files,
get sensetive information.
Few bugs have been discovered (accidently) in zPanel.
Developers were notified on 07.March but I have not received any
response.
Best regards, Mikhail.
-------------------------------------------------------------
[Product Description]
"ZPanel is a hosting control interface developed for both Windows and
Linux hosts.
We will soon be developing two different distributions to fit the needs of
both
platforms."
Tested:
ZPanel has been tested on the following server operating systems:
Windows Linux
2000 Advanced Server Fedora 2
2000 Server FreeBSD 4.9, 5.2.1
2003 Enterprise Server Mandrake 9.1, 9.2
XP RedHat 7.3, 9
Versions:
Stable - ZPanel v2.0
Latest Beta - ZPanel v2.5b10
[Summary]
Successful exploitation of an input validation vulnerability in ZPanel
scripts
allows attackers to execute SQL commands, include remote and local files,
get sensetive information.
