Vulnerabilities > Cpanel > Cgiecho

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2017-5616 Cross-site Scripting vulnerability in Cpanel Cgiecho and Cgiemail
Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter.
network
low complexity
cpanel CWE-79
6.1
2017-03-03 CVE-2017-5615 Open Redirect vulnerability in Cpanel Cgiecho and Cgiemail
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.
network
low complexity
cpanel CWE-601
6.1
2017-03-03 CVE-2017-5613 Use of Externally-Controlled Format String vulnerability in Cpanel Cgiecho and Cgiemail
Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file.
local
low complexity
cpanel CWE-134
7.8