Filtered by vendor Directadmin
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18045 | 1 Directadmin | 1 Directadmin | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows remote attackers to obtain access or cause a denial of service (segfault) via an unspecified request. | |||||
CVE-2019-9625 | 1 Directadmin | 1 Directadmin | 2019-03-12 | 6.8 MEDIUM | 8.8 HIGH |
JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account. | |||||
CVE-2012-5305 | 1 Directadmin | 1 Directadmin | 2017-08-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter. | |||||
CVE-2011-5033 | 2 Configserver, Directadmin | 2 Configserver Security Firewall, Directadmin Server | 2017-08-28 | 4.4 MEDIUM | N/A |
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file. | |||||
CVE-2007-4830 | 1 Directadmin | 1 Directadmin | 2017-07-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter. | |||||
CVE-2007-3501 | 1 Directadmin | 1 Directadmin | 2017-07-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508. |