23 matches found
EUVD-2009-1522
Malware in sbrugna...
EUVD-2006-5966
Malware in sbrugna...
EUVD-2007-1920
Malware in sbrugna...
EUVD-2012-5228
Malware in sbrugna...
EUVD-2012-3789
Malware in sbrugna...
CVE-2012-3842
Multiple cross-site scripting XSS vulnerabilities in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 select0 or 2 select8 parameters...
DirectAdmin 'CMD_DOMAIN'跨站脚本漏洞
Bugtraq ID:52848 CVE ID:CVE-2012-5305 DirectAdmin是一款功能强大的虚拟主机在线管理系统 JBMC Software DirectAdmin CMDDOMAIN存在跨站脚本漏洞,允许攻击者通过domain参数注入任意WEB脚本或HTML,可获得敏感信息或劫持用户会话 0 JBMC Software DirectAdmin 1.403 厂商解决方案 目前没有详细解决方案提供: http://directadmin.com/...
Cross site scripting
Cross-site scripting XSS vulnerability in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter...
CVE-2012-5305
The CVE-2012-5305 entry concerns JBMC Software DirectAdmin 1.403, with the vulnerable component CMD_DOMAIN. The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML by supplying a manipulated domain parameter. The documentation explic...
CVE-2012-3842
Multiple cross-site scripting XSS vulnerabilities in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 select0 or 2 select8 parameters...
CVE-2012-3842
Multiple cross-site scripting XSS vulnerabilities in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 select0 or 2 select8 parameters...
CVE-2012-3842
CVE-2012-3842 affects JBMC Software DirectAdmin 1.403, with multiple XSS flaws in CMD_DOMAIN that allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the select0 or select8 parameters. The connected PT-2012-5038 entry provides concrete details on af...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Title: ====== DirectAdmin v1.403 - Cross Site Scripting Vulnerability Date: ===== 2012-04-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=486 VL-ID: ===== 486 Introduction: ============= DirectAdmin is a graphical web-based web hosting control panel designed to make...
DirectAdmin硬链接本地特权提升漏洞
Bugtraq ID: 47690 DirectAdmin是一款功能强大的虚拟主机在线管理系统。 当创建备份时不正确检查部分硬链接,本地攻击者可以通过硬链接攻击操作部分文件,提升特权。 JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software DirectAdmin 1.30.2 JBMC Software DirectAdmin 1.30.1 JBMC Software DirectAdmin 1.381 JBMC...
DirectAdmin 'mysql_backup'文件夹信息泄露漏洞
Bugtraq ID: 47693 DirectAdmin是一款功能强大的虚拟主机在线管理系统。 DirectAdmin把MySQL数据库备份文件创建在全局可读的"mysqlbackups"文件夹中,可导致泄露MySQL数据库备份内容。 要成功利用漏洞需要CustomBuild用于更新MySQL数据库,并且"mysqlbackup"设置为"yes"。 JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software...
Design/Logic Flaw
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATHINFO to the CMDDB script during a backup action...
Deserialization of untrusted data
CMDDB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATHINFO to the CMDDB script during a backup action...
CVE-2009-1525
CMDDB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action...
CVE-2009-1525
DirectAdmin (JBMC Software) CMD_DB vulnerability CVE-2009-1525 affects DirectAdmin before 1.334. Remote authenticated users can gain privileges by supplying shell metacharacters in the name parameter during a restore action. Root cause involves processing of shell metacharacters in the restore wo...