Vulnerabilities > Cpanel > Webhost Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-27 | CVE-2012-6448 | Cross-site Scripting vulnerability in Cpanel Webhost Manager 11.34.0 Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2007-02-12 | CVE-2007-0890 | Cross-Site Scripting vulnerability in CPanel PassWDMySQL Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter. network cpanel | 4.3 |
| 2007-02-08 | CVE-2007-0854 | Code Injection vulnerability in Cpanel Webhost Manager Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager (WHM) allows remote attackers to execute arbitrary code via a URL in the obj parameter. | 7.5 |
| 2006-12-14 | CVE-2006-6548 | Cross-Site Scripting vulnerability in Cpanel Webhost Manager 3.1.0 Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to (1) scripts2/changeemail, (2) scripts2/limitbw, or (3) scripts/rearrangeacct. network cpanel | 3.5 |
| 2006-12-01 | CVE-2006-6198 | Cross-Site Scripting vulnerability in Cpanel Webhost Manager 3.1.0 Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter to (b) cgi/addon_configsupport.cgi, the (3) pkg parameter to (c) scripts/editpkg, the (4) domain parameter to (d) scripts2/domts2 and (e) scripts/editzone, the (5) feature parameter to (g) scripts2/dofeaturemanager, and the (6) ndomain parameter to (h) scripts/park. network cpanel | 6.0 |