Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

All MySQL Databases on our server can be viewed by any user.

Discussion in 'General Discussion' started by neonix, Aug 26, 2005.

  1. neonix

    neonix Well-Known Member

    Oct 21, 2004
    Likes Received:
    Trophy Points:
    I upgraded cpanel to the latest release 10.6.0-RELEASE 55 and noticed that a user could see all the databases on the server through PHPMyadmin.

    Also, this php script enabled me to connect to any database on the server from a normal user account i.e without root permissions. Here is the little code that is used to get the list of all DBs on the server. Ideally, MySQL should restrict it to the DB's on that particular domain.

    $link = mysql_connect('localhost', 'db_user', '');
    $db_list = mysql_list_dbs($link);

    while ($row = mysql_fetch_object($db_list)) {
    echo $row->Database . "n<br>";

    Please note that it shows al the databases and connects to the database but does not allow database operations such as SELECT, UPDATE...

    I have upgraded apache and PHPMyAdmin no longer shows all the databases. But the php script still shows them..

    This has happened after I upgraded cPanel and since I use this PHP script on a daily basis I am sure that this problem did not exist before.

    I tried mysql_fix_privilege_tables command but it did not work.

    MySQL version is 4.0.25 / Red Hat Enterprise

    What do I do now? Please advise.
  2. Mike2Own

    Mike2Own Active Member

    Apr 1, 2004
    Likes Received:
    Trophy Points:
    same problem... same cpanel release version too
  3. Marty

    Marty Well-Known Member

    Oct 10, 2001
    Likes Received:
    Trophy Points:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice