23 matches found
EUVD-2012-3789
Malware in sbrugna...
EUVD-2006-5966
Malware in sbrugna...
EUVD-2007-1920
Malware in sbrugna...
EUVD-2012-5228
Malware in sbrugna...
EUVD-2009-1522
Malware in sbrugna...
CVE-2012-3842
Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters...
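DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
Bugtraq ID: 52848. CVE ID: CVE-2012-5305. DirectAdmin is a powerful online management system for virtual hosting. JBMC Software DirectAdmin CMD_DOMAIN has a cross-site scripting vulnerability that allows attackers to inject arbitrary web script or HTML via the domain parameter, which can be used to obtain sensitive information or hijack user sessions. JBMC Software DirectAdmin 1.403. Vendor solution: no detailed solution is currently available: http://directadmin.com/...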
Cross site scripting
Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter...
CVE-2012-5305
The CVE-2012-5305 entry concerns JBMC Software DirectAdmin 1.403, with the vulnerable component CMD_DOMAIN. The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML by supplying a manipulated domain parameter. The documentation explic...
CVE-2012-3842
CVE-2012-3842 affects JBMC Software DirectAdmin 1.403, with multiple XSS flaws in CMD_DOMAIN that allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the select0 or select8 parameters. The connected PT-2012-5038 entry provides concrete details on af...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Title: DirectAdmin v1.403 - Cross Site Scripting Vulnerability. Date: 2012-04-02. References: http://www.vulnerability-lab.com/getcontent.php?id=486. VL-ID: 486. Introduction: DirectAdmin is a graphical web-based web hosting control panel designed to make...
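DirectAdmin Hard Link Local Privilege Escalation Vulnerability
Bugtraq ID: 47690. DirectAdmin is a powerful online management system for virtual hosting. Some hard links are not properly checked when a backup is created, so a local attacker can use a hard-link attack to manipulate certain files and escalate privileges. JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software DirectAdmin 1.30.2 JBMC Software DirectAdmin 1.30.1 JBMC Software DirectAdmin 1.381 JBMC...
DirectAdmin 'mysql_backup' Folder Information Disclosure Vulnerability
Bugtraq ID: 47693. DirectAdmin is a powerful online management system for virtual hosting. DirectAdmin creates MySQL database backup files in the world-readable "mysqlbackups" folder, which can disclose the contents of MySQL database backups. Successful exploitation requires that CustomBuild is used to update the MySQL database and that "mysqlbackup" is set to "yes". JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software...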
Deserialization of untrusted data
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1525
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
Design/Logic Flaw
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action...
CVE-2009-1525
DirectAdmin (JBMC Software) CMD_DB vulnerability CVE-2009-1525 affects DirectAdmin before 1.334. Remote authenticated users can gain privileges by supplying shell metacharacters in the name parameter during a restore action. Root cause involves processing of shell metacharacters in the restore wo...