Vulnerabilities > Jbmc Software > Directadmin > 1.293
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-05-05 | CVE-2009-1526 | Link Following vulnerability in Jbmc-Software Directadmin JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action. | 6.9 |
| 2009-05-05 | CVE-2009-1525 | Improper Input Validation vulnerability in Jbmc-Software Directadmin CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action. | 8.5 |
| 2007-03-20 | CVE-2007-1508 | Cross-Site Scripting vulnerability in Jbmc Software Directadmin 1.293 Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983. network jbmc-software | 4.3 |