EUVD-2008-2067

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

WHM interface allows remote attackers to bypass XSS protection and inject scripts via parameters

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2008-2070	9 May 200800:00	–	circl
CVE	CVE-2008-2070	12 May 200816:00	–	cve
Cvelist	CVE-2008-2070	12 May 200816:00	–	cvelist
NVD	CVE-2008-2070	12 May 200816:20	–	nvd
Packet Storm	cpanel-xssxsrf.txt	9 May 200800:00	–	packetstorm
Prion	Cross site scripting	12 May 200816:20	–	prion
securityvulns	XSS and CSRF vulnerability on Cpanel 11	11 May 200800:00	–	securityvulns
securityvulns	Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	11 May 200800:00	–	securityvulns
seebug.org	cPanel跨站脚本和跨站请求伪造漏洞	14 May 200800:00	–	seebug

[
  {
    "enisaIdVendor": [
      {
        "id": "9ec32d6a-0548-3ebd-83e0-466ee8f418fa",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "e34c94d4-f39a-3803-8489-e0ad8da4d26e",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2008-2070
changelog	www.changelog.cpanel.net/
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/42305
securityfocus	www.securityfocus.com/archive/1/491864/100/0/threaded
vupen	www.vupen.com/english/advisories/2008/1522/references
securityreason	www.securityreason.com/securityalert/3866
lists	www.lists.grok.org.uk/pipermail/full-disclosure/2008-May/062197.html
securityfocus	www.securityfocus.com/bid/29125
secunia	www.secunia.com/advisories/30166
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 24.3

EPSS0.00959