Cpanel File Manager XSS Vulnerability
Page 1 of 1
Cpanel File Manager XSS Vulnerability
Cpanel (www.cpanel.net) has two file manager application, standard and legacy one to manage files. Both of them are vulnerable to XSS attack. File name is presented unescaped so that an attacker can craft malicious file name to execute script on behalf of victims.
Version
-----------
this vulnerability was found on cpanel version 11.24.4-CURRENT
exploit here is already tested on: Firefox 3.0.7 and IE 8.0
Details
Version
-----------
this vulnerability was found on cpanel version 11.24.4-CURRENT
exploit here is already tested on: Firefox 3.0.7 and IE 8.0
Details
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» Microsoft Download Manager
» Multiple vulnerabilities in MC Content Manager
» Cleaning up XP Junk through a Batch file
» Restricting File Sharing in XP
» PHP Arbitrary File Include
» Multiple vulnerabilities in MC Content Manager
» Cleaning up XP Junk through a Batch file
» Restricting File Sharing in XP
» PHP Arbitrary File Include
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum