[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":143,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":150,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":156,"vulnerability-22450":163},[4,15,20,28,34,41,46,53,59,66,71,78,83,90,96,106,112,119,124,130,135],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting (A-B test)","compliance-advanced-pentest-reporting-1","Stop piecing together reports manually. Upgrade today to unlock instant proof for audits.","https://pentest-tools.com/pricing",false,[11],"/features/advanced-pentest-reporting","Unlock audit-ready reports","primary",null,{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting","compliance-advanced-pentest-reporting","Prove your compliance. Get built-in validation with audit-ready reports.",[11],{"title":21,"slug":22,"text":23,"link":8,"external":9,"targets":24,"cta":26,"variant":27,"campaign_id":14},"Compliance - Integrations (A-B test)","compliance-integrations-1","Disconnected tools will fail your next audit. Unlock the integrations needed for compliance.",[25],"/features/integrations","Connect your stack","secondary",{"title":29,"slug":30,"text":31,"link":8,"external":9,"targets":32,"cta":33,"variant":13,"campaign_id":14},"Compliance - Integrations","compliance-integrations","Disconnected tools hide compliance breaches. Stay audit-ready 24/7 with the right integrations.",[25],"Automate your compliance",{"title":35,"slug":36,"text":37,"link":8,"external":9,"targets":38,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier (A-B test)","compliance-ml-classifier-1","Ghost vulnerabilities drain time and chip your compliance. Upgrade to WebNetSec to stay audit-ready with 50% fewer FPs.",[39],"/features/machine-learning-classifier","Explore WebNetSec",{"title":42,"slug":43,"text":44,"link":8,"external":9,"targets":45,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier","compliance-ml-classifier","Put compliance on Auto this year with 50% fewer FPs. Go deeper with the WebNetSec plan.",[39],{"title":47,"slug":48,"text":49,"link":8,"external":9,"targets":50,"cta":52,"variant":13,"campaign_id":14},"Compliance - Network Scanner (A-B test)","compliance-network-scanner-1","Unmapped assets are compliance landmines - upgrade your plan with complete attack surface visibility.",[51],"/network-vulnerability-scanning/network-security-scanner-online","Get deep network scans",{"title":54,"slug":55,"text":56,"link":8,"external":9,"targets":57,"cta":58,"variant":13,"campaign_id":14},"Compliance - Network Scanner","compliance-network-scanner","Map your attack surface and prove infrastructure compliance with the Network Scanner. Available with any plan.",[51],"Upgrade your plan",{"title":60,"slug":61,"text":62,"link":8,"external":9,"targets":63,"cta":65,"variant":13,"campaign_id":14},"Compliance - Pentest Robots (A-B test)","compliance-pentest-robots-1","Don’t leave compliance to chance - deploy Pentest Robots to quickly automate your audit readiness.",[64],"/features/pentest-robots","Automate continuous scans",{"title":67,"slug":68,"text":69,"link":8,"external":9,"targets":70,"cta":65,"variant":13,"campaign_id":14},"Compliance - Pentest Robots","compliance-pentest-robots","Put compliance on Auto with Pentest Robots. Available with any plan.",[64],{"title":72,"slug":73,"text":74,"link":8,"external":9,"targets":75,"cta":77,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter (A-B test)","compliance-sniper-auto-exploiter-1","Deliver audit-ready proof instantly and stay compliant 24/7/365 - only with Sniper: Auto-Exploiter. Available with Pentest Suite.",[76],"/exploit-helpers/sniper","Get proof with Pentest Suite",{"title":79,"slug":80,"text":81,"link":8,"external":9,"targets":82,"cta":77,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter","compliance-sniper-auto-exploiter","Get audit-ready proof and put compliance on Auto with our proprietary Sniper: Auto-exploiter. Available with Pentest Suite.",[76],{"title":84,"slug":85,"text":86,"link":8,"external":9,"targets":87,"cta":89,"variant":13,"campaign_id":14},"Compliance - Website Scanner (A-B test)","compliance-website-scanner-1","Web vulnerabilities let in devastating compliance fines. Stay audit-ready with deep, proprietary scans. Available with the WebNetSec plan.",[88],"/website-vulnerability-scanning/website-scanner","Upgrade to WebNetSec",{"title":91,"slug":92,"text":93,"link":8,"external":9,"targets":94,"cta":95,"variant":13,"campaign_id":14},"Compliance - Website Scanner","compliance-website-scanner","Prove real risk instantly and put compliance on Auto with the Website Scanner. Available with the WebNetSec plan.",[88],"Unlock AppSec compliance",{"title":97,"slug":98,"text":99,"link":100,"external":101,"targets":102,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner Blog","cpanel-whm-blog","CVE-2026-41940: free scanner for the cPanel auth bypass. ~1.5M instances exposed","/network-vulnerability-scanning/cve-2026-41940-scanner-cpanel-authentication-bypass",true,[103],"/blog","Run a free scan","cpanel-whm",{"title":107,"slug":108,"text":109,"link":100,"external":101,"targets":110,"cta":104,"variant":13,"campaign_id":105},"cPanel & WHM Free Scanner CVE page","cpanel-whm-cve-page","Free scanner: detect CVE-2026-41940 across cPanel & WHM assets now",[111],"/vulnerabilities-exploits/cpanel-and-whm-authentication-bypass-via-session-file-crlf-injection_29257",{"title":113,"slug":114,"text":115,"link":100,"external":101,"targets":116,"cta":118,"variant":13,"campaign_id":105},"cPanel & WHM Free Scanner Homepage","cpanel-whm-free-scanner","FREE CVE-2026-41940 scanner - check your cPanel & WHM targets now!",[117],"/","Check now",{"title":120,"slug":121,"text":122,"link":100,"external":101,"targets":123,"cta":104,"variant":13,"campaign_id":105},"cPanel & WHM Free Scanner Network Scanner","cpanel-whm-network-scanner","New: detect cPanel & WHM auth bypass (CVE-2026-41940) for free!",[51],{"title":125,"slug":126,"text":127,"link":100,"external":101,"targets":128,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner Vulndb index","cpanel-whm-vulndb-index","New: free scanner for the cPanel & WHM authentication bypass (CVE-2026-41940)",[129],"/vulnerabilities-exploits",{"title":131,"slug":132,"text":133,"link":100,"external":101,"targets":134,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner Website Scanner","cpanel-whm-website-scanner","New: free scanner for cPanel & WHM auth bypass (CVE-2026-41940)",[88],{"title":136,"slug":137,"text":138,"link":139,"external":101,"targets":140,"cta":141,"variant":13,"campaign_id":142},"Office hours #3 - session 1","office-hours-3-session-1","Got 45 minutes on Wednesday? We're going live with Office Hours!","https://zoom.us/webinar/register/5517785142308/WN_hWqbS--1TtCjvZZ2GTKkOQ",[117],"Save your seat","office-hours-3",["Island",144],{"key":145,"params":146,"result":148},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":147},"{}",{"head":149},{},["Island",151],{"key":152,"params":153,"result":154},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":147},{"head":155},{},["Island",157],{"key":158,"params":159,"result":161},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":160},"{\"text-color\":\"gray\"}",{"head":162},{},{"id":164,"detectable_with":165,"vuln_details":172,"vuln_id":189,"name":190,"published":191,"updated":14},22450,{"tool":166,"engine":169},{"id":167,"name":168},1,"Network Scanner",{"id":170,"name":171},2,"Nuclei",{"id":164,"codename":14,"description":14,"severity":173,"risk_description":174,"public_description":175,"public_recommendation":176,"recommendation":14,"references":177,"cvssv3":183,"epss_score":184,"epss_percentile":185,"cve":186,"in_cisa_catalog":9,"date":188,"software_type":14,"vendor":14,"product":14,"ptt_exploit_capabilities":14},"critical","The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.","MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager.","Update MajorDoMo to a version newer than commit 0662e5e which addresses the command injection vulnerability.",[178,179,180,181,182],"http://packetstormsecurity.com/files/176273/MajorDoMo-Remote-Code-Execution.html","http://seclists.org/fulldisclosure/2023/Dec/19","https://github.com/sergejey/majordomo/commit/0662e5ebfb133445ff6154b69c61019357092178","https://github.com/sergejey/majordomo/commit/3ec3ffb863ea3c2661ab27d398776c551f4daaac","https://nvd.nist.gov/vuln/detail/CVE-2023-50917",9.8,0.92637,0.99752,[187],"CVE-2023-50917","2023-12-15T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2023-50917","MajorDoMo thumb.php - OS Command Injection","2024-01-11T00:00:00Z"]