Vulnerabilities > CVE-2006-5883 - Unspecified vulnerability in Cpanel 10
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cpanel
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description cPanel 10 seldir.html dir Parameter XSS. CVE-2006-5883. Webapps exploit for php platform id EDB-ID:28982 last seen 2016-02-03 modified 2006-11-13 published 2006-11-13 reporter Aria-Security Team source https://www.exploit-db.com/download/28982/ title cPanel 10 seldir.html dir Parameter XSS description cPanel 10 newuser.html Multiple Parameter XSS. CVE-2006-5883. Webapps exploit for php platform id EDB-ID:28983 last seen 2016-02-03 modified 2006-11-13 published 2006-11-13 reporter Aria-Security Team source https://www.exploit-db.com/download/28983/ title cPanel 10 newuser.html Multiple Parameter XSS
References
- http://aria-security.net/advisory/cpanel.txt
- http://aria-security.net/advisory/cpanel.txt
- http://secunia.com/advisories/22825
- http://secunia.com/advisories/22825
- http://securityreason.com/securityalert/1847
- http://securityreason.com/securityalert/1847
- http://www.osvdb.org/30386
- http://www.osvdb.org/30386
- http://www.osvdb.org/30387
- http://www.osvdb.org/30387
- http://www.securityfocus.com/archive/1/451374/100/0/threaded
- http://www.securityfocus.com/archive/1/451374/100/0/threaded
- http://www.securityfocus.com/bid/21027
- http://www.securityfocus.com/bid/21027
- http://www.vupen.com/english/advisories/2006/4500
- http://www.vupen.com/english/advisories/2006/4500