Type packetstorm
Reporter DoZ
Modified 2007-02-06T00:00:00


                                            ` DirectAdmin Multiple Cross Site Scripting Vulnerabilities  
Control panel for web hosting companies running Red Hat 7.x, 8.x, 9.x,   
Red Hat Enterprise and FreeBSD. This issue is due to a failure in the   
application to properly sanitize user-supplied input. Attackers may   
exploit this issue via a web client. An attacker may leverage this   
issue to have arbitrary script code execute in the browser of an   
unsuspecting user in the context of the affected site. This may help   
the attacker steal cookie-based authentication credentials and launch   
other attacks. A successful exploit could allow an attacker to   
compromise the application, access or modify data, or exploit   
vulnerabilities in the underlying database implementation.  
Hackers Center Security Group (  
Credit: Doz  
Remote: Yes  
Local: Yes  
Class: Cross-Site Scripting  
Version: 1.29.0  
Attackers can exploit these issues via a web client.  
Uebimiau Mail (HSC Advisory)  
Security researcher? Join us: mail Zinho at zinho at  
This message was sent using IMP, the Internet Messaging Program.