CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4830
https://notcve.org/view.php?id=CVE-2007-4830
Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en CMD_BANDWIDTH_BREAKDOWN en DirectAdmin 1.30.2 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro user. • http://osvdb.org/36999 http://pridels-team.blogspot.com/2007/09/directadmin-v1302-xss-vuln.html http://secunia.com/advisories/26742 http://www.securityfocus.com/bid/25607 https://exchange.xforce.ibmcloud.com/vulnerabilities/36510 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3501
https://notcve.org/view.php?id=CVE-2007-3501
Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en CMD_USER_STATS en DirectAdmin 1.30.1 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro domain, un vector diferente de CVE-2007-1508. • http://osvdb.org/36339 http://pridels-team.blogspot.com/2007/06/directadmin-xss-vuln.html http://secunia.com/advisories/25881 http://www.securityfocus.com/bid/24688 http://www.vupen.com/english/advisories/2007/2389 https://exchange.xforce.ibmcloud.com/vulnerabilities/35177 •