Cross site scripting

2010-04-2715:30:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.3%

JSON

Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter.

CPENameOperatorVersion
cpaneleq11.0
cpaneleq11.18
cpaneleq11.4.19
cpaneleq11.22
cpaneleq11.18.3
cpaneleq11.18.1
cpaneleq11.22.1
cpaneleq11.22.2
cpaneleq11.16
cpaneleq11.18.4

Name	Operator	Version
cpanel	eq	11.0
cpanel	eq	11.18
cpanel	eq	11.4.19
cpanel	eq	11.22
cpanel	eq	11.18.3
cpanel	eq	11.18.1
cpanel	eq	11.22.1
cpanel	eq	11.22.2
cpanel	eq	11.16
cpanel	eq	11.18.4

Rows per page:

1-10 of 171

References

osvdb.org/61231

secunia.com/advisories/37826

www.cpanel.net/2009/12/cpanel-cross-site-scripting-vulnerability.html

www.securityfocus.com/bid/37394

www.vupen.com/english/advisories/2009/3608

www.exploit-db.com/exploits/10519