Vulnerability Details CVE-2007-1508
Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/34273
- http://secunia.com/advisories/24551
- http://www.securityfocus.com/archive/1/463003/100/0/threaded
- http://www.securityfocus.com/bid/22996
- http://www.vupen.com/english/advisories/2007/1037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33023
- http://osvdb.org/34273
- http://secunia.com/advisories/24551
- http://www.securityfocus.com/archive/1/463003/100/0/threaded
- http://www.securityfocus.com/bid/22996
- http://www.vupen.com/english/advisories/2007/1037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33023
Products affected by CVE-2007-1508
-
cpe:2.3:a:jbmc_software:directadmin:1.293