CVE Vulnerabilities

CVE-2007-0890

Published: Feb 12, 2007 | Modified: Oct 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.

Affected Software

Name Vendor Start Version End Version
Webhost_manager Cpanel 6.4 6.4
Webhost_manager Cpanel 7.0 7.0
Webhost_manager Cpanel 9.1.0_r85 9.1.0_r85
Webhost_manager Cpanel 8.0 8.0
Webhost_manager Cpanel 9.4.1_r64 9.4.1_r64
Webhost_manager Cpanel 11 11
Webhost_manager Cpanel 10.2.0_r82 10.2.0_r82
Webhost_manager Cpanel 6.4.1 6.4.1
Webhost_manager Cpanel 6.2 6.2
Webhost_manager Cpanel 10.6.0_r137 10.6.0_r137
Webhost_manager Cpanel 5.0 5.0
Webhost_manager Cpanel 10.8.1_build84 10.8.1_build84
Webhost_manager Cpanel 9.0 9.0
Webhost_manager Cpanel 9.1 9.1
Webhost_manager Cpanel 10.8.2_118 10.8.2_118
Webhost_manager Cpanel 6.4.2_stable_48 6.4.2_stable_48
Webhost_manager Cpanel 5.3 5.3
Webhost_manager Cpanel 6.0 6.0
Webhost_manager Cpanel 11.0 11.0
Webhost_manager Cpanel 10.9 10.9
Webhost_manager Cpanel 10.8.1_113 10.8.1_113
Webhost_manager Cpanel 11_beta 11_beta
Webhost_manager Cpanel 9.9.1_r3 9.9.1_r3
Webhost_manager Cpanel 6.4.2 6.4.2

References