3 matches found
CVE-2006-5983
CVE-2006-5983 concerns DirectAdmin 1.28.1 with multiple reflected XSS vectors. The connected PTSecurity entry details that remote authenticated users can inject arbitrary script/HTML via a range of parameters and commands: user parameter to CMD SHOW RESELLER/SHOW USER (Admin level); TYPE paramete...
PT-2006-6644
Name of the Vulnerable Software and Affected Versions DirectAdmin version 1.28.1 Description The issue allows remote authenticated users to inject arbitrary web script or HTML. This can be achieved through various parameters and commands, including the user parameter to CMD SHOW RESELLER or CMD...
[Hat-Squad] SQL injection and XSS Vulnerabilities in HELM
Hat-Squad Advisory: SQL injection and XSS Vulnerabilities in HELM November 2, 2004 Product: HELM Web Hosting Control Panel Vendor URL: http://helm.webhostautomation.com Version: HELM 3.1.19 and lower Vulnerability: SQL injection and XSS Release Date: November 2, 2004 Vendor Status: Informed on 28...