CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10785
https://notcve.org/view.php?id=CVE-2016-10785
06 Aug 2019 — cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185). cPanel anterior a versión 60.0.25, permite a los atacantes detectar el contenido del archivo durante las operaciones de copia de archivos (SEC-185). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10784
https://notcve.org/view.php?id=CVE-2016-10784
06 Aug 2019 — cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS propio en la interfaz de carga de alias (SEC-184). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10783
https://notcve.org/view.php?id=CVE-2016-10783
06 Aug 2019 — cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS auto almacenado en SSL_listkeys (SEC-182). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10782
https://notcve.org/view.php?id=CVE-2016-10782
06 Aug 2019 — cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS auto almacenado en listdbs de la API1 de postgres (SEC-181). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10781
https://notcve.org/view.php?id=CVE-2016-10781
06 Aug 2019 — cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS propio en la API de UI_confirm (SEC-180). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10780
https://notcve.org/view.php?id=CVE-2016-10780
06 Aug 2019 — cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS almacenado en la API de ftp_sessions (SEC-180). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10779
https://notcve.org/view.php?id=CVE-2016-10779
06 Aug 2019 — cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS almacenado en api1_listautoresponders (SEC-179). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10777
https://notcve.org/view.php?id=CVE-2016-10777
06 Aug 2019 — cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS propio en la Configuración de Ajustes de WHM para autodiscover_host (SEC-177). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10778
https://notcve.org/view.php?id=CVE-2016-10778
06 Aug 2019 — cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS auto almacenado en la API de listftpstable (SEC-178). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10776
https://notcve.org/view.php?id=CVE-2016-10776
06 Aug 2019 — cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS almacenado durante la fase de eliminación de homedir de una finalización de Cuenta de WHM (SEC-174). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •