CVE Vulnerabilities

CVE-2006-0573

Published: Feb 07, 2006 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodelpop.html; (2) showtree parameter to (c) diskusage.html; or the (3) mon, (4) year, (5) target, or (6) domain parameter to (d) stats/detailbw.html.

Affected Software

Name Vendor Start Version End Version
Cpanel Cpanel 5.0 5.0
Cpanel Cpanel 5.3 5.3
Cpanel Cpanel 6.0 6.0
Cpanel Cpanel 6.2 6.2
Cpanel Cpanel 6.4 6.4
Cpanel Cpanel 6.4.1 6.4.1
Cpanel Cpanel 6.4.2 6.4.2
Cpanel Cpanel 6.4.2_stable_48 6.4.2_stable_48
Cpanel Cpanel 7.0 7.0
Cpanel Cpanel 8.0 8.0
Cpanel Cpanel 9.0 9.0
Cpanel Cpanel 9.1 9.1
Cpanel Cpanel 10 10

References