Upgrade your CyberPanel installation (phpMyAdmin vulnerability)! — CyberPanel - WebHosting Control Panel for OpenLiteSpeed
CyberHosting

Upgrade your CyberPanel installation (phpMyAdmin vulnerability)!

istiak101istiak101
edited March 27 in Database Server
A vulnerability was recently found in phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.

https://nvd.nist.gov/vuln/detail/CVE-2020-5504

CyberPanel's Github stable branch 1.9.4 and beta branch 1.9.5 is patched by now. Please run upgrade script using the following command.

sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)
Tagged:
Tagged:
Share on Facebook

Comments

  • daotiendungdaotiendung
    wow
    Thủ Thuật VIP - MitGroup
    Share on Facebook
  • alfred0809alfred0809
    cPanel is very vulnerable.
    Share on Facebook
  • ghdsportsghdsports
    Thanks for the best one.
    http://ghdsports.xyz/
    Share on Facebook
  • aamirkhanaamirkhan
    1 more issue when we install any php version and we try to edit upload sql size on confi it keep the same 2mb size didnt increase kindly fix this issue
    Share on Facebook
  • mysterio918mysterio918
    In cyberpanel version 2.0.3, we cannot log in with the root user since it is entered as auto-access in phpmyadmin. How can I login to phpmyadmin as root user.
    Share on Facebook
  • klasekpklasekp
    This helped me (for MariaDB) https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password
    Share on Facebook
  • quoviz_devquoviz_dev
    klasekp That has nothing to do with what mysterio918 stated. I'm having the same issue as mysterio918 but it has nothing to do with the root password. We have access via command line as root but there is no way in 2.0.3 to log into phpMyadmin as the root user.

    There should be a way to access as root user to phpmyadmin
    Share on Facebook
  • NumerikuNumeriku
    Type your comment> @quoviz_dev said:
    > klasekp That has nothing to do with what mysterio918 stated. I'm having the same issue as mysterio918 but it has nothing to do with the root password. We have access via command line as root but there is no way in 2.0.3 to log into phpMyadmin as the root user.
    >
    > There should be a way to access as root user to phpmyadmin

    This will be fixed in the upcoming version.
    Share on Facebook
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links

Categories

In this Discussion