Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodelpop.html; (2) showtree parameter to (c) diskusage.html; or the (3) mon, (4) year, (5) target, or (6) domain parameter to (d) stats/detailbw.html.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cpanel cpanel 6.2 |
||
cpanel cpanel 6.4 |
||
cpanel cpanel 6.4.1 |
||
cpanel cpanel 6.4.2 |
||
cpanel cpanel 5.3 |
||
cpanel cpanel 6.0 |
||
cpanel cpanel 9.0 |
||
cpanel cpanel 9.1 |
||
cpanel cpanel 10 |
||
cpanel cpanel 5.0 |
||
cpanel cpanel 6.4.2_stable_48 |
||
cpanel cpanel 7.0 |
||
cpanel cpanel 8.0 |