239 matches found
DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability
No description provided by source. Vendor: http://www.directadmin.com/ Code : Create Administrator : html titleDirectAdmin v1.34.0 XSRF Create Administrator Vulnerability/title !--!Set You'r victim By SarBoT511 !-- form name="reseller" action="http://site.com:2222/CMDACCOUNTADMIN" method="post"...
DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability
Exploit for unknown platform in category web applications. DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability. Vendor: http://www.directadmin.com/ Code : Create...
DirectAdmin 1.34.0 - Cross-Site Request Forgery (Add Admin)
DirectAdmin 1.34.0 - Cross-Site Request Forgery (Add Admin) Vendor: http://www.directadmin.com/ Code : Create Administrator : DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability...
DirectAdmin 1.34.0 - Cross-Site Request Forgery (Add Admin)
Vendor: http://www.directadmin.com/ Code : Create Administrator : DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability...
CVE-2009-2216
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
CVE-2009-2216
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
Cross site scripting
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
CVE-2009-2216
DirectAdmin 1.33.6 and earlier contains an XSS in CMD_REDIRECT usable via the view=advanced URI parameter. Exploitation could allow remote attackers to inject arbitrary script/HTML. The issue is documented under CVE-2009-2216 across multiple feeds; affected product is DirectAdmin with versions up...
CVE-2009-2216
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
PT-2009-4665
Name of the Vulnerable Software and Affected Versions: DirectAdmin versions 1.33.6 and earlier. Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request. This occurs due to a vulnerability in CMD...
DirectAdmin 1.33.6 - CMD_REDIRECT Cross-Site Scripting
DirectAdmin 1.33.6 - CMD_REDIRECT Cross-Site Scripting source: https://www.securityfocus.com/bid/35450/info DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary...
DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35450/info DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
Deserialization of untrusted data
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
CVE-2009-1525
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
CVE-2009-1525
DirectAdmin (JBMC Software) CMD_DB vulnerability CVE-2009-1525 affects DirectAdmin before 1.334. Remote authenticated users can gain privileges by supplying shell metacharacters in the name parameter during a restore action. Root cause involves processing of shell metacharacters in the restore wo...
CVE-2009-1526
CVE-2009-1526 affects JBMC Software DirectAdmin versions prior to 1.334. The vulnerability is a local privilege issue where an attacker can create or overwrite arbitrary files via a symlink attack on a temporary file used in the CMD_DB script during a backup action. The root cause is improper han...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
PT-2009-4023
Name of the Vulnerable Software and Affected Versions: JBMC Software DirectAdmin versions prior to 1.334 Description: The issue allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory. This is related to a request for this...