Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
References
| Link | Resource |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2012-04/0214.html | Broken Link |
| http://www.securityfocus.com/bid/53281 | Exploit |
| http://www.vulnerability-lab.com/get_content.php?id=509 | Exploit Third Party Advisory |
| http://archives.neohapsis.com/archives/bugtraq/2012-04/0214.html | Broken Link |
| http://www.securityfocus.com/bid/53281 | Exploit |
| http://www.vulnerability-lab.com/get_content.php?id=509 | Exploit Third Party Advisory |
Configurations
History
05 Dec 2025, 20:11
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Directadmin
Directadmin directadmin |
|
| CPE | cpe:2.3:a:directadmin:directadmin:1.403:*:*:*:*:*:*:* | |
| References | () http://archives.neohapsis.com/archives/bugtraq/2012-04/0214.html - Broken Link | |
| References | () http://www.vulnerability-lab.com/get_content.php?id=509 - Exploit, Third Party Advisory |
21 Nov 2024, 01:41
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://archives.neohapsis.com/archives/bugtraq/2012-04/0214.html - | |
| References | () http://www.securityfocus.com/bid/53281 - Exploit | |
| References | () http://www.vulnerability-lab.com/get_content.php?id=509 - |
Information
Published : 2012-07-03 22:55
Updated : 2025-12-05 20:11
NVD link : CVE-2012-3842
Mitre link : CVE-2012-3842
CVE.ORG link : CVE-2012-3842
JSON object : View
Products Affected
directadmin
- directadmin
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')