Lucene search
K

3955 matches found

NVD
NVD
added 2008/05/12 4:20 p.m.35 views

CVE-2008-2070

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

4.3CVSS5.9AI score0.02183EPSS
Exploits3References8
NVD
NVD
added 2008/05/12 4:20 p.m.27 views

CVE-2008-2071

Multiple cross-site request forgery CSRF vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors...

4.3CVSS7AI score0.00674EPSS
Exploits2References8
Prion
Prion
added 2008/05/12 4:20 p.m.25 views

Cross site scripting

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

4.3CVSS6.2AI score0.02183EPSS
Exploits3References8Affected Software1
Cvelist
Cvelist
added 2008/05/12 4:0 p.m.42 views

CVE-2008-2070

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

5.9AI score0.02183EPSS
Exploits3References8
Cvelist
Cvelist
added 2008/05/12 4:0 p.m.38 views

CVE-2008-2071

Multiple cross-site request forgery CSRF vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors...

7AI score0.00674EPSS
Exploits2References8
CVE
CVE
added 2008/05/12 4:0 p.m.60 views

CVE-2008-2071

CVE-2008-2071 describes CSRF flaws in the cPanel/WHM web interface. Affected: WHM/cPanel versions affected by 11.18.4+ and 11.22.3+ patches (the issue is present in 11.18.0–11.18.3 and 11.22.0–11.22.2 as noted by sources). The vulnerability allows remote attackers to perform unauthorized actions ...

4.3CVSS6.9AI score0.00674EPSS
Exploits2References8Affected Software1
CVE
CVE
added 2008/05/12 4:0 p.m.91 views

CVE-2008-2070

The CVE-2008-2070 entry concerns the WHM interface of cPanel: affected are WHM/cPanel builds around 11.15.0/11.18.x and 11.22.x, where multiple user-supplied inputs (notably issue in scripts2/knowlegebase, user in scripts2/changeip, and search in scripts2/listaccts) permit bypassing XSS protectio...

4.3CVSS5.9AI score0.02183EPSS
Exploits3References8Affected Software1
Positive Technologies
Positive Technologies
added 2008/05/12 12:0 a.m.6 views

PT-2008-3588 · Cpanel · Cpanel

Name of the Vulnerable Software and Affected Versions: cPanel versions 11.18.0 through 11.18.3 cPanel versions 11.22.0 through 11.22.2 Description: The issue allows remote attackers to perform unauthorized actions as cPanel administrators. This can be achieved via requests to "cpanel/whm/webmail"...

4.3CVSS6.5AI score0.00674EPSS
Exploits2References11
securityvulns
securityvulns
added 2008/05/11 12:0 a.m.75 views

XSS and CSRF vulnerability on Cpanel 11

DESCRIPTION OF THE SOFTWARE cPanel is a hosting automation tool. WHM interface provides access to the heart of the cPanel and WHM package and allows a Server Administrator to simply configure a few options and be on their way to hosting web sites. 2. DESCRIPTION OF THE VULNERABILITY There are...

4.3CVSS0.02183EPSS
Exploits3
exploitpack
exploitpack
added 2008/05/09 12:0 a.m.14 views

cPanel 11.x - scripts2changeip?user Cross-Site Scripting

cPanel 11.x - scripts2changeip?user Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2008/05/09 12:0 a.m.8 views

cPanel 11.x - scripts2listaccts?search Cross-Site Scripting

cPanel 11.x - scripts2listaccts?search Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2008/05/09 12:0 a.m.8 views

cPanel 11.x - scripts2knowlegebase?issue Cross-Site Scripting

cPanel 11.x - scripts2knowlegebase?issue Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/09 12:0 a.m.78 views

cpanel-xssxsrf.txt

DESCRIPTION OF THE SOFTWARE cPanel is a hosting automation tool. WHM interface provides access to the heart of the cPanel and WHM package and allows a Server Administrator to simply configure a few options and be on their way to hosting web sites. 2. DESCRIPTION OF THE VULNERABILITY There are...

4.3CVSS6.6AI score0.02183EPSS
Exploits3
Exploit DB
Exploit DB
added 2008/05/09 12:0 a.m.28 views

cPanel 11.x - '/scripts2/knowlegebase?issue' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/09 12:0 a.m.31 views

cPanel 11.x - '/scripts2/listaccts?search' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/09 12:0 a.m.35 views

cPanel 11.x - '/scripts2/changeip?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/05/07 12:0 a.m.68 views

cPanel跨站请求伪造漏洞

CVECAN ID: CVE-2008-2043 cPanel是基于web的工具,用于自动化控制网站和服务器。 cPanel没有验证用户通过HTTP请求所执行的某些操作,这允许远程攻击者通过跨站请求伪造(XSRF)攻击执行仅有管理员才可以执行的操作,包括创建新的数据库、添加新用户等。 cPanel 11.18.3 build ID 21703 临时解决方法: 启用Referrer检查: 1 导航至Server configuration 2 找到Tweak Settings 3 在WebHost Manager中找到Security 4 选择复选框并保存页面 厂商补丁: cPanel...

4.3CVSS6.5AI score0.01339EPSS
Exploits2
Prion
Prion
added 2008/05/01 7:5 p.m.20 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to 1 execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via 2 frontend/x2/sql/adddb.html, 3...

4.3CVSS8.5AI score0.01339EPSS
Exploits2References5Affected Software1
NVD
NVD
added 2008/05/01 7:5 p.m.18 views

CVE-2008-2043

Multiple cross-site request forgery CSRF vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to 1 execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via 2 frontend/x2/sql/adddb.html, 3...

4.3CVSS7.9AI score0.01339EPSS
Exploits2References5
Cvelist
Cvelist
added 2008/05/01 5:20 p.m.21 views

CVE-2008-2043

Multiple cross-site request forgery CSRF vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to 1 execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via 2 frontend/x2/sql/adddb.html, 3...

7.9AI score0.01339EPSS
Exploits2References5
Rows per page
Query Builder