Vulnerabilities > CVE-2006-5535 - Unspecified vulnerability in Cpanel 10.9.0R50
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cpanel
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description cPanel 10.9 dosetmytheme theme Parameter XSS. CVE-2006-5535. Webapps exploit for php platform id EDB-ID:28843 last seen 2016-02-03 modified 2006-10-23 published 2006-10-23 reporter Crackers_Child source https://www.exploit-db.com/download/28843/ title cPanel 10.9 - DoSetmytheme theme Parameter XSS description cPanel 10.9 editzonetemplate template Parameter XSS. CVE-2006-5535. Webapps exploit for php platform id EDB-ID:28844 last seen 2016-02-03 modified 2006-10-23 published 2006-10-23 reporter Crackers_Child source https://www.exploit-db.com/download/28844/ title cPanel 10.9 editzonetemplate template Parameter XSS
References
- http://changelog.cpanel.net/
- http://changelog.cpanel.net/
- http://secunia.com/advisories/22555
- http://secunia.com/advisories/22555
- http://securityreason.com/securityalert/1780
- http://securityreason.com/securityalert/1780
- http://www.securityfocus.com/archive/1/449472/100/0/threaded
- http://www.securityfocus.com/archive/1/449472/100/0/threaded
- http://www.securityfocus.com/bid/20683
- http://www.securityfocus.com/bid/20683
- http://www.vupen.com/english/advisories/2006/4190
- http://www.vupen.com/english/advisories/2006/4190