cPanel TSR-2014-0007 Full Disclosure

cPanel TSR-2014-0007 Full Disclosure: cPanel has released a full disclosure for TSR-2014-0007. [1] Case 109049. Summary: Arbitrary file overwrite in /scripts/synccpaddonswithsqlhost. Security Rating: cPanel has assigned a Security Level of Important to this vulnerability. Description: The synccpaddonswithsqlhost script performed unsafe file operations inside the home directories of unprivileged users while running with root’s permissions. By […]

cPanel TSR-2014-0007 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having security impact levels ranging from Minor to Important. If your […]

WordPress Slider Revolution Plugin vulnerability

Slider Revolution Plugin is a premium WordPress plugin used by many premium themes. This plugin is bundled with premium WordPress themes. Back in February 2014, a critical vulnerability was discovered in this plugin. It was patched by the developers; however, it is possible that themes were not updated to use the latest version and […]

WordPress 4.0 “Benny” released

WordPress 4.0 is now available. Users can upgrade directly from their admin area. Be sure to take a full backup before upgrading to WordPress 4.0. Version 4.0 of WordPress is named “Benny” in honor of jazz clarinetist and bandleader Benny Goodman. This release brings you a smoother writing and management experience. Following are the complete […]

EasyApache 3.26.7 Released

cPanel, Inc. has released EasyApache 3.26.7 with Apache version 2.2.29. This release addresses vulnerabilities CVE-2014-0118, CVE-2014-0231, CVE-2014-0226 and CVE-2013-5704. All Apache 2.2 users are advised to upgrade to Apache version 2.2.29. AFFECTED VERSIONS: All versions of Apache 2.2 before version 2.2.29. SECURITY RATING: The National Vulnerability Database (NIST) has given the following severity ratings […]

HostBill Version 02-09-2014 released

HostBill is a complete client management, billing and support system used by many web hosting companies. They recently released an update with a few bug fixes and new features. The following is the list of features and bug fixes addressed in HostBill Version 02-09-2014: Features: Added option to sort Knowledge base categories and articles. Added […]

cPanel 11.40 EOL notice

cPanel Inc. announced that cPanel 11.40 will reach End of Life at the end of October 2014. In accordance with their EOL policy [http://go.cpanel.net/longtermsupport], 11.40 will continue functioning on servers after reaching EOL. However, no further updates, such as security fixes and installations, will be provided for 11.40 once it reaches its EOL date. It […]

WHMCS 5.3.9 released

WHMCS has announced the availability of WHMCS 5.3.9. WHMCS 5.3.9 addresses a few security issues reported through their security bounty program or discovered internally by the WHMCS Development Team. WHMCS has rated these updates as having a moderate to important security impact. Currently they have not released more details on the security updates. Once the sufficient […]

EasyApache 3.26.6 Released

cPanel, Inc. has released EasyApache 3.26.6 with PHP versions 5.4.32 and 5.5.16. This release addresses vulnerabilities CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120, CVE-2014-3597, CVE-2014-4670 and CVE-2014-4698. All PHP 5.4 users are advised to upgrade to PHP version 5.4.32, and all PHP 5.5 users to PHP version 5.5.16. AFFECTED VERSIONS: All versions of PHP 5.4 […]

Critical Vulnerability Disclosed on WordPress Custom Contact Forms Plugin

If you are using the WordPress Custom Contact Forms plugin, you need to update it immediately. A critical vulnerability existed in the WordPress Custom Contact Forms plugin that allows an attacker to download and modify your database remotely (no authentication required). Who’s affected? The plugin has been downloaded 600,000+ times and the vulnerability affects […]