Vulnerabilities > CVE-2005-2021 - Unspecified vulnerability in Cpanel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 12 |
Exploit-Db
description | cPanel 9.1 User Parameter Cross-Site Scripting Vulnerability. CVE-2005-2021 . Webapps exploit for php platform |
id | EDB-ID:25846 |
last seen | 2016-02-03 |
modified | 2005-05-20 |
published | 2005-05-20 |
reporter | [email protected] |
source | https://www.exploit-db.com/download/25846/ |
title | cPanel <= 9.1 User Parameter Cross-Site Scripting Vulnerability |
Nessus
NASL family | CGI abuses : XSS |
NASL id | CPANEL_LOGIN_USER_XSS.NASL |
description | The remote host is running cPanel. The version of cPanel on the remote host suffers from a cross-site scripting vulnerability due to its failure to sanitize user-supplied input to the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18540 |
published | 2005-06-21 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18540 |
title | cPanel cpsrvd.pl user Parameter XSS |