Installatron Plugin for DirectAdmin contains a flaw that leads to unauthorized privileges being gained. The issue is due to the program failing to restrict users from manipulating the cURL output. This may allow a remote attacker to gain elevated privileges.
Remote / Network Access
Loss of Integrity
It has been reported that this issue has been fixed. Upgrade to version 9.0.4, 8.0.16, or higher, to address this vulnerability.