[34112] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Cpanel Request Lets Authenticated Users Conduct Cross-Site

daemon@ATHENA.MIT.EDU (Fable)
Fri Mar 12 12:24:17 2004

Date: 12 Mar 2004 04:47:30 -0000
Message-ID: <20040312044730.29475.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Fable <fable@hush.com>
To: bugtraq@securityfocus.com

####################################################
#Advisory Name: Cpanel Request Lets Authenticated Users Conduct Cross-#Site Scripting Attacks
#Discovered by: Fable
#Greets: 0x29A Crew, !AM Crew, Atomix, d3thstar, mgrd, rootthief.com.
#Versions: ??
####################################################

###Description###

cPanel & WebHost Manager (WHM) is a next generation web hosting control panel system. Both cPanel & WHM are extremely feature rich as well as include an easy to use web based interface.

###vulnerability Description###

Authenticated users are able to run cross-site scripting attacks. I noticed this vulnerability when trying to password protect a dictory. Here is an example of how you could run script on the cpanel server

http://targetserver.com:2082/frontend/x/htaccess/dohtaccess.html?dir=>&lt;script&gt;alert(0x29A Crew)&lt;/script&gt;

You are able to run all sorts of HTML on the target server, iframes, ect. 

-Fable [fable@hush.com]


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[34112] in bugtraq

Cpanel Request Lets Authenticated Users Conduct Cross-Site

daemon@ATHENA.MIT.EDU (Fable)Fri Mar 12 12:24:17 2004

daemon@ATHENA.MIT.EDU (Fable)
Fri Mar 12 12:24:17 2004