Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

**Hack warning** Interchange

Discussion in 'General Discussion' started by smejworth, Mar 28, 2004.

  1. smejworth

    smejworth Registered

    Joined:
    Nov 7, 2003
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    151
    Not sure how affected cpanel's install is, but a hack exists to display the username & password of the database interchange is using.

    As cpanels default behaviour is to give the same username and password to ssh, ftp & mysql etc it could possibly give complete access to virtual hosts.

    Here is a quick wodge, don't know if it fixes it completly:

    your_interchange_catalog_dir/special_pages/missing.html

    Remove all instances of

    @@MV_PREV_PAGE@@

    &

    [subject]


    Hope noone got bitten!
     
  2. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    318
    Or even better... disable it altogether :) And hey.. thats what the interchange developers suggest as well!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice