Security 10748 Published by

The official web site for the web hosting interface zPanel has been hacked after a support team member insulted a forum member



From The H Online:
On Wednesday, a forum member going by the name joepie91_ posted details of a vulnerability in zPanel that has been known about for some time, saying that the developer team has been refusing to fix it. He explained that specially prepared templates can be used to execute commands on the server with root privileges and called zPanel "the most insecure hosting panel with any significant userbase" that he had ever seen.

Forum participant PS2Guy, a member of the support team, was clearly not willing to let that accusation stand. In the very first sentence of his response, he called joepie91_ a "fucken little know it all", adding that all security problems in zPanel have been fixed and challenging the accuser to try to hack into any server with the current version 10.0.2 of zPanel.
  zPanel hacked