121 matches found
cPanel WebHost Manager 3.1 - editzone?domain Cross-Site Scripting
cPanel WebHost Manager 3.1 - editzone?domain Cross-Site Scripting source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
cPanel WebHost Manager 3.1 - 'dochangeemail?email' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - 'park?ndomain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - 'dofeaturemanager?feature' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - 'domts2?domain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - 'editzone?domain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - 'editpkg?pkg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - 'addon_configsupport.cgi?supporturl' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
cPanel WebHost Manager 3.1 - dofeaturemanager?feature Cross-Site Scripting
cPanel WebHost Manager 3.1 - dofeaturemanager?feature Cross-Site Scripting source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...
WebHost Manager (WHM) Multiple Cross-Site Scripting
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory: http://www.aria-security.com/forum/showthread.php?t=44 ----------------------------------------------------------- Software: WebHost Manager WHM Tested WHM X v3.1.0 demo.cpanel.net...
awbs.txt
AWBS=Advanced Webhost Billing System Exploit; 1.http://site adres/contact.php?action=submit&Name='alert'XSS Vulnerability'%3B&EmailAddress=1&AccountUsername=1&Message=1 2.http://site adres/contact.php?action=submit&Name=1&EmailAddress=1&AccountUsername='alert'XSS Vulnerability'%3B&Message=1...
XSS vulnerability on AWBS
AWBS=Advanced Webhost Billing System Exploit; 1.http://site adres/contact.php?action=submit&Name='scriptalert'XSS Vulnerability'3B/script&EmailAddress=1&AccountUsername=1&Message=1 2.http://site adres/contact.php?action=submit&Name=1&EmailAddress=1&AccountUsername='scriptalert'XSS...
Advanced Webhost Billing System 2.2.2 Contact.PHP Multiple Cross-Site Scripting Vulnerabilities
Advanced Webhost Billing System 2.2.2 Contact.PHP Multiple Cross-Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/19226/info Advanced Webhost Billing System AWBS is prone to multiple cross-site scripting vulnerabilities because it fails to...
Sql injection
SQL injection vulnerability in the search script in 1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, allows remote attackers to execute arbitrary SQL commands via the uri parameter...
Sql injection
1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, allows remote attackers to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error. NOTE: this issue might be resultant from SQL...
CVE-2006-2617
Affected products: AlstraSoft Web Host Directory 1.2 (aka HyperStop WebHost Directory 1.2). Root cause: an invalid entry in the Username field on the login page can produce an SQL error that reveals the installation path, potentially due to SQL injection. Impact: partial disclosure of installatio...
CVE-2006-2616
The CVE-2006-2616 entry describes an SQL injection in the search script of AlstraSoft Web Host Directory 1.2 (also listed as HyperStop WebHost Directory 1.2). The vulnerability allows remote attackers to execute arbitrary SQL commands via the uri parameter, enabling potential data exposure or mod...
CVE-2005-4747
CVE-2005-4747 describes a Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd Helm before 3.2.6. The issue allows remote attackers to inject arbitrary web script or HTML via unknown vectors involving the default page. Affected software: WebHost Automation Ltd Helm versions prior to...
CVE-2005-4747
Cross-site scripting XSS vulnerability in WebHost Automation Ltd Helm before 3.2.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors involving the default page...
CVE-2005-4747
Cross-site scripting XSS vulnerability in WebHost Automation Ltd Helm before 3.2.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors involving the default page...