Lucene search

[email protected]CVE-2006-3337

HistoryJul 03, 2006 - 6:05 p.m.

CVE-2006-3337

2006-07-0318:05:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cpanel

cross-site scripting

xss

cve-2006-3337

security vulnerability

nvd

6.3 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

79.1%

JSON

Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 118 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.

CPENameOperatorVersion
cpanel:cpanelcpanelle10.8.2_current_118

CPE	Name	Operator	Version
cpanel:cpanel	cpanel	le	10.8.2_current_118

References

bugzilla.cpanel.net/show_bug.cgi?id=4282

secunia.com/advisories/20840

securitytracker.com/id?1016383

www.securityfocus.com/archive/1/438355/100/0/threaded

www.securityfocus.com/archive/1/438477/100/0/threaded

www.securityfocus.com/bid/18655

www.vupen.com/english/advisories/2006/2547

exchange.xforce.ibmcloud.com/vulnerabilities/27403

6.3 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

79.1%

JSON