Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cpanel cpanel 6.2
cpanel cpanel 6.4
cpanel cpanel 9.1
cpanel cpanel 5.0
cpanel cpanel 6.4.2_stable_48
cpanel cpanel 7.0
cpanel cpanel 6.4.1
cpanel cpanel 6.4.2
cpanel cpanel 5.3
cpanel cpanel 6.0
cpanel cpanel 8.0
cpanel cpanel 9.0

source: wwwsecurityfocuscom/bid/9853/info It has been reported that cPanel may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser The issue presents itself due to insufficient sanitization of user-supplied data via the 'dir' parameter of 'dohtaccesshtml' p ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/357231 http://www.securityfocus.com/bid/9853 https://exchange.xforce.ibmcloud.com/vulnerabilities/15485 https://nvd.nist.gov https://www.exploit-db.com/exploits/23806/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2308

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect