183 matches found
CVE-2012-3842
Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters...
PT-2012-5038
Name of the Vulnerable Software and Affected Versions: JBMC Software DirectAdmin version 1.403 | Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the CMD_DOMAIN component. These vulnerabilities allow remote authenticated users with specific privileges to inject...
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities
Title: DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities | Date: 2012-04-25 | References: http://www.vulnerability-lab.com/getcontent.php?id=509 | VL-ID: 509 | Introduction: DirectAdmin is a graphical web-based web hosting control panel designed to make...
DirectAdmin 1.403 Cross Site Scripting
Title: DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities | Date: 2012-04-25 | References: http://www.vulnerability-lab.com/getcontent.php?id=509 | VL-ID: 509 | Introduction: DirectAdmin is a graphical web-based web hosting control panel designed to make...
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities
Document Title: DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=509 | Release Date: 2012-04-25 | Vulnerability Laboratory ID (VL-ID): 50...
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities
Document Title: DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=509 | Release Date: 2012-04-25 | Vulnerability Laboratory ID (VL-ID): 50...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Title: DirectAdmin v1.403 - Cross Site Scripting Vulnerability | Date: 2012-04-02 | References: http://www.vulnerability-lab.com/getcontent.php?id=486 | VL-ID: 486 | Introduction: DirectAdmin is a graphical web-based web hosting control panel designed to make...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Document Title: DirectAdmin v1.403 - Cross Site Scripting Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=486 | Release Date: 2012-04-02 | Vulnerability Laboratory ID (VL-ID): 486...
JBMC Software DirectAdmin 1.403 - 'domain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting
JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
DirectAdmin 1.403 Cross Site Scripting
Title: DirectAdmin v1.403 - Cross Site Scripting Vulnerability | Date: 2012-04-02 | References: http://www.vulnerability-lab.com/getcontent.php?id=486 | VL-ID: 486 | Introduction: DirectAdmin is a graphical web-based web hosting control panel designed to make...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Document Title: DirectAdmin v1.403 - Cross Site Scripting Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=486 | Release Date: 2012-04-02 | Vulnerability Laboratory ID (VL-ID): 486...
DirectAdmin ADD Sub Domain CSRF Exploit
Exploit for php platform in category web applications #!/usr/bin/perl Title : DirectAdmin Web Control Panel © 2005 JBMC Software Author : OnurTURKESHAN Homepage : http://www.directadmin.com/ tested on : Windows 7 We will not forget you MIRIM- system"cls"; print "...
DirectAdmin ADD Sub Domain CSRF Exploit
No description provided by source. #!/usr/bin/perl Title : DirectAdmin Web Control Panel © 2005 JBMC Software Author : Onur TÜRKEŞHAN Homepage : http://www.directadmin.com/ tested on : Windows 7 We will not forget you MIRIM- system"cls"; print " +----------------------------------------+\n | directadm...
CVE-2011-5033
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file...
Stack overflow
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file...
CVE-2011-5033
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file...
CVE-2011-5033
ConfigServer Security & Firewall (CSF) contains a stack-based buffer overflow in CFS.c affecting CSF before 5.43 when run on a DirectAdmin server. Local users can crash the service by supplying a long string in the admin.list file, per CVE-2011-5033. The vulnerability details are supported by mul...
CSF Firewall Buffer Overflow
Exploit for linux platform in category dos / poc Exploit Title: CSF Firewall Buffer overflow p0c DownLoaD : http://www.configserver.com/free/csf.tgz Date: 2011-12-09 Author: FoX HaCkEr site : www.sec4ever.com MaiL : email protected Tested on: CentOS3/4...
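DirectAdmin 'mysql_backup' Folder Information Disclosure Vulnerability
Bugtraq ID: 47693 DirectAdmin is a powerful online virtual hosting management system. DirectAdmin creates MySQL database backup files in the world-readable "mysqlbackups" folder, which can lead to disclosure of the contents of MySQL database backups. Successful exploitation requires that CustomBuild is used to update the MySQL database and that "mysqlbackup" is set to "yes". JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software...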