cPanel up to 98.0.0 /scripts/cpan_config Privilege Escalation

A vulnerability was found in cPanel up to 98.0.0 (Hosting Control Software). It has been declared as problematic. This vulnerability affects an unknown functionality of the file /scripts/cpan_config. Upgrading to version 98.0.1 eliminates this vulnerability. The upgrade is hosted for download at docs.cpanel.net.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

Description Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. References https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216 https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4 For More Information MITRE

CVE-2022-36801 : ATLASSIAN JIRA SERVER/JIRA DATA CENTER UP TO 8.20.7 TEAMMANAGEMENT.JSPA CROSS SITE SCRIPTING

CVE-2022-36801 : ATLASSIAN JIRA SERVER/JIRA DATA CENTER UP TO 8.20.7 TEAMMANAGEMENT.JSPA CROSS SITE SCRIPTING

Description Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript