WHMEZLogin


# VER L/R AUTH S REPORTED TYPE DESCRIPTION
01 ? L Y N 04/??/2008 design issue whmezlogin users could obtain the root password




Trivial very minor issues
Low XSS, info leaks
Medium destructive actions, access others' accounts
High local root (auth required), /root/.accesshash, /etc/shadow access
Less Critical local root (no auth required)
Critical remote root (no auth required)
L/R Local/Remote
Auth Authentication required
S Bug found via source code review