
DirectAdmin 1.48 Cross Site Request Forgery

Posted on 22 May 2015

# Affected software: directadmin
# Type of vulnerability: NS hijacking via CSRF
# URL: directadmin.com
# Discovered by: provensec
# Website: provensec.com
# Version: 1.48
# Proof of concept

https://www.directadmin.com:2222/CMD_ADMIN_SETTINGS

The above page contains a form from which the nameservers can be changed. The form has no CSRF protection implemented, so an attacker can leverage this to hijack the domain by simply changing the nameservers: a crafted HTML page, opened by a logged-in administrator, submits the form with attacker-chosen values.
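To make the defect concrete from the defender's side, here is an added example (not DirectAdmin's code) that models a nameserver-settings handler like the one behind CMD_ADMIN_SETTINGS. The unprotected handler accepts any cookie-authenticated POST; the hardened one additionally requires a per-session synchronizer token and checks the Origin header. The session state, origin and form field names are assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs

# Assumed deployment origin of the admin panel (constructed for this example).
SITE_ORIGIN = "https://www.directadmin.com:2222"


class Session:
    """Per-login session; the CSRF token is minted once and embedded in the form."""

    def __init__(self):
        self.csrf_token = secrets.token_urlsafe(32)
        self.nameservers = ("ns1.example.net", "ns2.example.net")  # constructed


def vulnerable_set_nameservers(session, headers, body):
    """Model of the unprotected form handler: the session cookie alone is trusted,
    so a form post submitted from any other site is accepted."""
    form = parse_qs(body)
    session.nameservers = (form["ns1"][0], form["ns2"][0])
    return 200


def hardened_set_nameservers(session, headers, body):
    """Rejects the change unless the Origin (when the browser sends one) matches this
    site AND the form carries the token that only same-origin pages can read."""
    origin = headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403
    token = parse_qs(body).get("csrf_token", [""])[0]
    if not hmac.compare_digest(token, session.csrf_token):  # constant-time check
        return 403
    form = parse_qs(body)
    session.nameservers = (form["ns1"][0], form["ns2"][0])
    return 200


def simulate_cross_site_post(handler):
    """Test harness: a victim's browser posts the form from a third-party page with
    the session cookie attached but a foreign Origin and no token. Returns (status, ns)."""
    session = Session()
    headers = {"Origin": "https://attacker.invalid"}  # constructed third-party origin
    body = "ns1=ns1.attacker.invalid&ns2=ns2.attacker.invalid"
    return handler(session, headers, body), session.nameservers


def simulate_same_site_post(handler):
    """Test harness: the legitimate settings page submits with its own token."""
    session = Session()
    headers = {"Origin": SITE_ORIGIN}
    body = f"ns1=ns1.new.example&ns2=ns2.new.example&csrf_token={session.csrf_token}"
    return handler(session, headers, body), session.nameservers
```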
