1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

PCI Scan Issue

Discussion in 'Customer&Business Manager (formerly Plesk Billing)' started by JoeyM, Jan 18, 2010.

  1. JoeyM

    JoeyM Guest

    ModernBill .:. Client Billing System | Version 4.4.2:B-3:K:001:35

    Copyright 2001-2010 ModernGigabyte, LLC. All Rights Reserved.
    MBv4 Owned License Unlimted registered to ---------------

    We could not find the old forum and any access at all to our license or anything else.. Until tonight we have been running ok but tonight or pci scan showed up with a new issue, one that we can not find a solution for. Here is the issue below, hoping someone has saw this issue and has a correction for it.

    Possible cross site scripting on https://www.domain.com/modernbilll/index. php Use the following commands to verify this: wp --inject "https://www.domain.com/modernbilll/index .php?username=&Login=submit&new_language=e n%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscr ipt%3E&submit=submit" POST curl -L -k -d "username=&Login=submit&new_language=en%2 2%3E%3Cscript%3Ealert%28123%29%3C%2Fscript %3E&submit=submit" "https://www.domain.com/modernbilll/index .php"| grep "123" This website may have other injection related vulnerabilities.

    We have changed our domain out above with domain.com