Lucene search

[email protected]NVD:CVE-2006-4293

HistoryAug 22, 2006 - 5:04 p.m.

CVE-2006-4293

2006-08-2217:04:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.006

Percentile

79.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html, or the (2) file parameter in (a) editit.html or (b) showfile.html.

Affected configurations

Nvd

Node

cpanelcpanelMatch10

VendorProductVersionCPE
cpanelcpanel10cpe:2.3:a:cpanel:cpanel:10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cpanel	cpanel	10	cpe:2.3:a:cpanel:cpanel:10:::::::*

References

secunia.com/advisories/21592

securityreason.com/securityalert/1442

www.osvdb.org/28041

www.osvdb.org/28042

www.osvdb.org/28043

www.securityfocus.com/archive/1/443637/100/0/threaded

www.securityfocus.com/bid/19624

exchange.xforce.ibmcloud.com/vulnerabilities/28447

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.006

Percentile

79.5%

JSON

Related for NVD:CVE-2006-4293

cve1 exploitdb3 cvelist1