Dear admin,
I am a freelance penetration tester who gladly uses plugins that softaculous provides to websites. Today, as I was trying out some demos in your website I found one demo that allowed me to upload anyfiles I wanted. I tried to enter a malicious file and it worked with no problem and ease. It was compiled and when I tested it I have access into the server of Softaculous. This is extremely dangerous. I have not disclosed the full vulnerability here for security reasons. I have messaged you in Facebook please reply ASAP. This is a serious security vulnerability.
|