Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 4.3
CVE Id CVE-2009-2216
Last Modified 26 Jun 2009 12:00:00
Published 25 Jun 2009 07:14:15
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2216

Summary

Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.

Vulnerable Systems

Application

  • Jbmc-software Directadmin 1.292

  • Jbmc-software Directadmin 1.33.1

  • Jbmc-software Directadmin 1.33.2

  • Jbmc-software Directadmin 1.33.3

  • Jbmc-software Directadmin 1.33.4

  • Jbmc-software Directadmin 1.33.6


References

XF - directadmin-cmdredirect-xss(51292)

VUPEN - ADV-2009-1663

BID - 35450

SECUNIA - 35525

MISC - http://pridels-team.blogspot.com/2009/06/directadmin-v1336-xss-vuln.html


Last Updated: 27 May 2016 10:50:49