gplhost

Top products

The 15 most recently published vulnerabilities affecting gplhost.

• CVE-2011-5276SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote authenticated users to ...6.5Mar 20, 2014
• CVE-2011-5275The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges.7.5Mar 20, 2014
• CVE-2011-5274The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote attackers to execute arbitrary commands via shell meta...7.5Mar 20, 2014
• CVE-2011-5273Directory traversal vulnerability in shared/package-installer in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in...6.5Mar 20, 2014
• CVE-2011-5272SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the vps_note parameter to dtcadmin/logPushlet.p...6.5Mar 20, 2014
• CVE-2011-3199Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message bod...3.5Mar 20, 2014
• CVE-2011-3198Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arg...2.1Mar 20, 2014
• CVE-2011-3197SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/doma...6.5Mar 20, 2014
• CVE-2011-3196The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by...2.1Mar 20, 2014
• CVE-2011-3195shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.6.5Mar 20, 2014
• CVE-2011-0437shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_a...4.0Mar 7, 2011
• CVE-2011-0436The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote atta...5.0Mar 7, 2011
• CVE-2011-0435Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially se...5.0Mar 7, 2011
• CVE-2011-0434Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php...7.5Mar 7, 2011
• CVE-2009-0402SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christ...7.5Feb 3, 2009