Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Directadmin Subscribe
Filtered by product Directadmin
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18045 1 Directadmin 1 Directadmin 2019-10-02 7.5 HIGH 9.8 CRITICAL
JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows remote attackers to obtain access or cause a denial of service (segfault) via an unspecified request.
CVE-2019-9625 1 Directadmin 1 Directadmin 2019-03-12 6.8 MEDIUM 8.8 HIGH
JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account.
CVE-2012-5305 1 Directadmin 1 Directadmin 2017-08-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
CVE-2007-4830 1 Directadmin 1 Directadmin 2017-07-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
CVE-2007-3501 1 Directadmin 1 Directadmin 2017-07-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.