|
Home
Ask the Team
Mailing Lists
Advertising Info
Advisories
About SecuriTeam
Blogs
Brought to you by:
Suppliers of:
New vulnerability?
New tool?
Tell us
Subjects of Interest:
Vulnerability Management
SQL Injection
Buffer Overflows
Active Network Scanning
Fuzzing
Fuzzer Report
Network Security
Network Scanner
Pen Testing
Security Scanner
|
|
|
| |
| Cerberus FTP Server is prone to a Multiple Cross-site Scripting vulnerabilities |
| |
Credit:
|
| |
Vulnerable Systems:
* Cerberus FTP Server <= 5.0.5.1
It was discovered that the Web Administration interface has multiple persistent Cross Site Scripting (XSS) vulnerabilities. In the log
viewer there is a XSS vulnerability which may be used by an unauthenticated user against an authenticated user. In the server
manager a trivial XSS vulnerability exists which may be used by the authenticated user.
To start, the vulnerabilities in the on the "/servermanger" page is trivial to exploit by escaping the " | | |
