5 matches found
DirectAdmin 'CMD_DOMAIN'跨站脚本漏洞
Bugtraq ID:52848 CVE ID:CVE-2012-5305 DirectAdmin是一款功能强大的虚拟主机在线管理系统 JBMC Software DirectAdmin CMDDOMAIN存在跨站脚本漏洞,允许攻击者通过domain参数注入任意WEB脚本或HTML,可获得敏感信息或劫持用户会话 0 JBMC Software DirectAdmin 1.403 厂商解决方案 目前没有详细解决方案提供: http://directadmin.com/...
CVE-2012-5305
The CVE-2012-5305 entry concerns JBMC Software DirectAdmin 1.403, with the vulnerable component CMD_DOMAIN. The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML by supplying a manipulated domain parameter. The documentation explic...
DirectAdmin 1.403 跨站脚本漏洞
Bugtraq ID: 53281 CVE ID: CVE-2012-3842 DirectAdmin是一款功能强大的虚拟主机在线管理系统。 DirectAdmin脚本存在跨站脚本漏洞,允许攻击者通过select0或select8参数注入任意WEB脚本或HTML,远程攻击者可以利用漏洞获得敏感信息或劫持用户会话。 0 DirectAdmin 1.403 厂商解决方案 目前没有详细解决方案提供: http://directadmin.com/...
CVE-2012-3842
Multiple cross-site scripting XSS vulnerabilities in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 select0 or 2 select8 parameters...
CVE-2012-3842
Multiple cross-site scripting XSS vulnerabilities in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 select0 or 2 select8 parameters...