Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Froxlor Server Management - Cross-Site Scripting

By kannthu

Vidoc logoVidoc Module

What is the "Froxlor Server Management - Cross-Site Scripting?"

The "Froxlor Server Management - Cross-Site Scripting" module is designed to detect cross-site scripting vulnerabilities in the Froxlor Server Management software. Froxlor Server Management is a web-based server management panel that allows users to manage their web hosting services. This module focuses specifically on the cross-site scripting vulnerability, which can allow attackers to inject arbitrary scripts into the browser of unsuspecting users.

This module has a medium severity level, indicating that while it is not the most critical vulnerability, it still poses a significant risk to the security of the software.

This module was authored by tess.


The cross-site scripting vulnerability in Froxlor Server Management can have various impacts, including:

- Execution of arbitrary scripts in the browser of users who interact with the affected software - Potential theft of sensitive information, such as login credentials or personal data - Possible manipulation of website content or functionality

How the module works?

The "Froxlor Server Management - Cross-Site Scripting" module works by sending HTTP requests to the target software and analyzing the responses for specific patterns. It uses the following matching conditions:

- It checks the response body for the presence of the string "javascript:alert(document.domain);dd//" and the word "Froxlor". - It verifies that the response headers include the "text/html" content type. - It ensures that the HTTP response status code is 200 (OK).

If all of these conditions are met, the module reports a vulnerability, indicating the presence of a cross-site scripting vulnerability in the Froxlor Server Management software.

Here is an example of an HTTP request sent by the module:

GET /index.php/javascript%26colon%3Balert(document.domain);dd%26sol%3b%26sol%3b HTTP/1.1
Host: [target_host]

Note: [target_host] should be replaced with the actual target host.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: javascript:alert(document.domain);...and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability