[Aria-Security] CPanel Network Tools Cross Site Scripting [Advisory]

2006-11-18T00:00:00
ID SECURITYVULNS:DOC:15131
Type securityvulns
Reporter Securityvulns
Modified 2006-11-18T00:00:00

Description

Aria-Security Team Advisory

<www.Aria-security.Com For English >

<www.Aria-Security.net For Persian >

Original Advisory : #http://www.aria-security.com/forum/showthread.php?t=30

-----------------------------------------------------------

Software: CPanel

Tested On CPanel 10

CPanel Network Tools

PoC:

http://target:2082/frontend/x/net/dnslook.html?dns=[XSS]

P.S : Attacker must be authenticated

Contact: Advisory@aria-security.net