5 matches found
CVE-2007-0890
CVE-2007-0890 is an XSS vulnerability in cPanel WebHost Manager (WHM) up to version 11.0.0, in the scripts/passwdmysql component. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the password parameter. The provided connected documents confirm the affected prod...
CVE-2006-6198
CVE-2006-6198 documents multiple XSS vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0. The flaws enable remote authenticated users to inject arbitrary web script or HTML via several parameters in the web UI: (1) email in scripts2/dochangeemail, (2) supporturl in cgi/addon_configsupport.cgi, ...
CVE-2006-6548
The CVE-2006-6548 entry describes multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0. Affected component: WHM 3.1.0. Vulnerable vectors: the domain parameter in several scripts (scripts2/changeemail, scripts2/limitbw, scripts/rearrangeacct). The issue allows...
CVE-2007-0854
CVE-2007-0854: Remote file inclusion vulnerability in scripts2/objcache of cPanel WebHost Manager (WHM). An attacker can use a URL in the obj parameter to cause arbitrary code execution or overwrite files under /var/cpanel/objcache, potentially yielding unexpected web content. Some sources note t...
CVE-2012-6448
CVE-2012-6448 describes a Cross-site Scripting (XSS) vulnerability in cPanel WebHost Manager (WHM) 11.34.0. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Connected sources confirm the affected product/version and provide an exploit reference (Exp...