Upgrade your CyberPanel installation (phpMyAdmin vulnerability)!
A vulnerability was recently found in phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
https://nvd.nist.gov/vuln/detail/CVE-2020-5504
CyberPanel's Github stable branch 1.9.4 and beta branch 1.9.5 is patched by now. Please run upgrade script using the following command.
sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)
https://nvd.nist.gov/vuln/detail/CVE-2020-5504
CyberPanel's Github stable branch 1.9.4 and beta branch 1.9.5 is patched by now. Please run upgrade script using the following command.
sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)
Tagged:
Tagged:
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!