GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   New vulnerabilities in cPanel (https://gfy.com/showthread.php?t=647143)

ScannerX 08-22-2006 07:53 AM
New vulnerabilities in cPanel
 
New vulnerabilities in cPanel which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "dir" parameter in dohtaccess.html and to the "file" parameter in editit.html and showfile.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Examples:
http://[host]:2082/frontend/x/ht...cess.html?dir=[code]
http://[host]:2082/frontend/x/files/editit.html?dir=/&file=[code]
http://[host]:2082/frontend/x/files/showfile.html?dir=/&file=[code]

Lycanthrope 08-22-2006 08:34 AM
cPanel is the Windows of control panels

ladida 08-22-2006 08:35 AM
Welcome to several months ago

Ange 02-04-2007 12:42 PM
thanks for the info

Fap 02-04-2007 02:10 PM
good find, thanks for info


All times are GMT -7. The time now is 11:19 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123