Dear ispCP users ;
An Identical security hole was discovered today in these scripts:
The patch attached to the ticket #2411
was updated today.
Also, it's recommended to remove all the /var/log/ispcp/* log after fixing this security hole by setting debug mode to 0, or by applying the patch. For versions prior to ispCP 1.0.5, it's strongly recommended to migrate and to apply the patch.
For the last script, it's really more important because this time, it's the main SQL account login (eg. SQL root account) credentials that is stored in cleartext.
We apologize for any inconvenience caused.