Here's something that will get the cpanel hits working ovetime !
If I list domains in my WHM and click on any domain that will bring up the domain correct ?
BUT if I then go to the latest visitors in that domain I will see a link like this:
Http Code: 200 Date: Jun 26 18:18:55 Http Version: HTTP/1.1 Size in Bytes: 18067
Referer: http://xxxxx.com:2086/scripts2/listaccts?skip=18&search=&searchtype=&acctp=30
Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4
I can then click on this link and list every domain on the server from the customers cpanel
Would you call this a security issue ?
If I list domains in my WHM and click on any domain that will bring up the domain correct ?
BUT if I then go to the latest visitors in that domain I will see a link like this:
Http Code: 200 Date: Jun 26 18:18:55 Http Version: HTTP/1.1 Size in Bytes: 18067
Referer: http://xxxxx.com:2086/scripts2/listaccts?skip=18&search=&searchtype=&acctp=30
Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4
I can then click on this link and list every domain on the server from the customers cpanel
Would you call this a security issue ?