Ashiyane DST Discover DirectAdmin XSS/CSRF Vulnerability

9 years ago

Iranian security researchers in Ashiyane Digital Security Team have discover XSS/CSRF vulnerability:

DirectAdmin Version 1.483 Web Control Panel CSRF/XSS vulnerability

DirectAdmin is graphical web hosting control panel for easy administration of websites
DirectAdmin suffer from XSS And CSRF vulnerability

XSS -Cross Site Scripting- is type of computer security vulnerability found in web applications enable attackers to inject client-sides script into web pages viewed by other users

CSRF -Cross-Site Request Forgery-  is type of attack occurs when malicious websites email blog or program cause user Web browsers to make unwanted actions on trusted site for which the user is currently authenticated

Details is here

Discover by Ehsan Hosseini
Contact: [email protected]

See all vulnerability discover by Ashiyane DST here on Exploit Database

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *