CVE-2003-0521

Published: 18/08/2003 Updated: 18/10/2016
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote malicious users to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.

Vulnerable Product

cpanel cpanel 6.2

cpanel cpanel 6.4

cpanel cpanel 6.4.1

cpanel cpanel 6.4.2

cpanel cpanel 5.0

cpanel cpanel 6.4.2_stable_48

cpanel cpanel 5.3

cpanel cpanel 6.0

Exploits

source: www.securityfocus.com/bid/8119/info

cPanel is prone to an HTML injection vulnerability. It is possible for remote attackers to include hostile HTML and script code in requests to cPanel, which will be logged. When logs are viewed by an administrative user, the injected code could be rendered in their browser in the context of the site ...