Vulnerabilities > Cpanel > Cgiecho > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2017-5616 Cross-site Scripting vulnerability in Cpanel Cgiecho and Cgiemail
Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter.
network
cpanel CWE-79
4.3
2017-03-03 CVE-2017-5615 Open Redirect vulnerability in Cpanel Cgiecho and Cgiemail
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.
network
cpanel CWE-601
5.8
2017-03-03 CVE-2017-5613 Use of Externally-Controlled Format String vulnerability in Cpanel Cgiecho and Cgiemail
Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file.
network
cpanel CWE-134
6.8