CVSS: 6.8EPSS: 3%CPEs: 1EXPL: 3CVE-2006-6523 – cPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-6523
14 Dec 2006 — Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote attackers to inject arbitrary web script or HTML via the account parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en mail/manage.html en BoxTrapper en cPanel 11 permite a atacantes remotos inyectar scripts web o HTML de su elección a través del parámetro account. • https://www.exploit-db.com/exploits/29237 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 4CVE-2006-5883 – cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-5883
14 Nov 2006 — Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en cPanel 10 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML de su elección mediante el (1) parámetro dir en (a) seldir.html, y los parámetros (2) user y (... • https://www.exploit-db.com/exploits/28983 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3CVE-2006-5535 – cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-5535
26 Oct 2006 — Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate. Vulnerabilidades múltiples de cruce de sitios en scripts (XSS) en WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 permiten a atacantes remotos inyectar scripts WEB o HTML mediante 1) parámetro theme en scripts/dosetmytheme y (2) parámetro... • https://www.exploit-db.com/exploits/28843 •
CVSS: 9.0EPSS: 2%CPEs: 19EXPL: 1CVE-2006-5014 – cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-5014
27 Sep 2006 — Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin. Vulnerabilidad no especificada en cPanel anterior a 10.9.0 12 Tree permite a usuarios remotos autenticados obtener privilegios mediante vectores no especificados en (1) mysqladmin y (2) hooksadmin. • https://www.exploit-db.com/exploits/2466 •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 4CVE-2006-4293 – cPanel 10.x - 'dohtaccess.html?dir' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-4293
22 Aug 2006 — Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html, or the (2) file parameter in (a) editit.html or (b) showfile.html. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en cPanel 10 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro (1) dir de dohtaccess.html, o el parámetro (2) file en (a) editit.html ... • https://www.exploit-db.com/exploits/28413 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2006-3337 – cPanel 10 - Select.HTML Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-3337
03 Jul 2006 — Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 118 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter. Una vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en frontend/x/files/select.html en cPanel v10.8.2-CURRENT 118 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro "file". • https://www.exploit-db.com/exploits/28107 •
CVSS: 6.1EPSS: 1%CPEs: 13EXPL: 1CVE-2006-0573
https://notcve.org/view.php?id=CVE-2006-0573
07 Feb 2006 — Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodelpop.html; (2) showtree parameter to (c) diskusage.html; or the (3) mon, (4) year, (5) target, or (6) domain parameter to (d) stats/detailbw.html. Múltiples vulnerabilidades de XSS en cPanel 10 y versiones anteriores permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios mediante el p... • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0025.html •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2006-0574
https://notcve.org/view.php?id=CVE-2006-0574
07 Feb 2006 — Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel 10 allows remote attackers to inject arbitrary web script or HTML via the (1) file extension or (2) mime-type. • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0062.html •
CVSS: 6.1EPSS: 43%CPEs: 2EXPL: 2CVE-2005-3505
https://notcve.org/view.php?id=CVE-2005-3505
05 Nov 2005 — Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processed by Internet Explorer. • http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0124.html •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 2CVE-2005-2021 – cPanel 9.1 - 'User' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-2021
20 Jun 2005 — Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. • https://www.exploit-db.com/exploits/25846 •