cPanel up to 98.0.0 /scripts/cpan_config Privilege Escalation

A vulnerability was found in cPanel up to 98.0.0 (Hosting Control Software). It has been declared as problematic. This vulnerability affects an unknown functionality of the file /scripts/cpan_config. Upgrading to version 98.0.1 eliminates this vulnerability. The upgrade is hosted for download at docs.cpanel.net.

Contact us to get started

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

Description Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can

Learn more

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. References https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216 https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4 For More Information MITRE

Learn more

CVE-2022-36801 : ATLASSIAN JIRA SERVER/JIRA DATA CENTER UP TO 8.20.7 TEAMMANAGEMENT.JSPA CROSS SITE SCRIPTING

Description Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript

Learn more

cPanel up to 98.0.0 /scripts/cpan_config Privilege Escalation

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

CVE-2022-36801 : ATLASSIAN JIRA SERVER/JIRA DATA CENTER UP TO 8.20.7 TEAMMANAGEMENT.JSPA CROSS SITE SCRIPTING