239 matches found
DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability
No description provided by source. Vendor: http://www.directadmin.com/ Code : Create Administrator : <html> <title>DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability</title> <!--!Set You'r victim By SarBoT511 !--> <form name="reseller" action="http://site.com:2222/CMD_ACCOUNT_ADMIN" method="post"...
DirectAdmin 1.34.0 - Cross-Site Request Forgery (Add Admin)
Vendor: http://www.directadmin.com/ Code : Create Administrator : DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability...
DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability
Exploit for unknown platform in category web applications =========================================================== DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability =========================================================== Vendor: http://www.directadmin.com/ Code : Create...
DirectAdmin 1.34.0 - Cross-Site Request Forgery (Add Admin)
DirectAdmin 1.34.0 - Cross-Site Request Forgery (Add Admin) Vendor: http://www.directadmin.com/ Code : Create Administrator : DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability...
CVE-2009-2216
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
CVE-2009-2216
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
Cross site scripting
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
CVE-2009-2216
DirectAdmin 1.33.6 and earlier contains an XSS in CMD_REDIRECT usable via the view=advanced URI parameter. Exploitation could allow remote attackers to inject arbitrary script/HTML. The issue is documented under CVE-2009-2216 across multiple feeds; affected product is DirectAdmin with versions up...
CVE-2009-2216
Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request...
PT-2009-4665
Name of the Vulnerable Software and Affected Versions: DirectAdmin versions 1.33.6 and earlier Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request. This occurs due to a vulnerability in CMD...
DirectAdmin 1.33.6 - CMD_REDIRECT Cross-Site Scripting
DirectAdmin 1.33.6 - CMD_REDIRECT Cross-Site Scripting source: https://www.securityfocus.com/bid/35450/info DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary...
DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35450/info DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
Deserialization of untrusted data
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1525
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
CVE-2009-1526
CVE-2009-1526 affects JBMC Software DirectAdmin versions prior to 1.334. The vulnerability is a local privilege issue where an attacker can create or overwrite arbitrary files via a symlink attack on a temporary file used in the CMD_DB script during a backup action. The root cause is improper han...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
CVE-2009-1525
DirectAdmin (JBMC Software) CMD_DB vulnerability CVE-2009-1525 affects DirectAdmin before 1.334. Remote authenticated users can gain privileges by supplying shell metacharacters in the name parameter during a restore action. Root cause involves processing of shell metacharacters in the restore wo...
PT-2009-4023
Name of the Vulnerable Software and Affected Versions: JBMC Software DirectAdmin versions prior to 1.334 Description: The issue allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory. This is related to a request for this...