CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10783
https://notcve.org/view.php?id=CVE-2016-10783
06 Aug 2019 — cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS auto almacenado en SSL_listkeys (SEC-182). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10782
https://notcve.org/view.php?id=CVE-2016-10782
06 Aug 2019 — cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS auto almacenado en listdbs de la API1 de postgres (SEC-181). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10781
https://notcve.org/view.php?id=CVE-2016-10781
06 Aug 2019 — cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS propio en la API de UI_confirm (SEC-180). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10780
https://notcve.org/view.php?id=CVE-2016-10780
06 Aug 2019 — cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS almacenado en la API de ftp_sessions (SEC-180). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10779
https://notcve.org/view.php?id=CVE-2016-10779
06 Aug 2019 — cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS almacenado en api1_listautoresponders (SEC-179). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10777
https://notcve.org/view.php?id=CVE-2016-10777
06 Aug 2019 — cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS propio en la Configuración de Ajustes de WHM para autodiscover_host (SEC-177). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10778
https://notcve.org/view.php?id=CVE-2016-10778
06 Aug 2019 — cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS auto almacenado en la API de listftpstable (SEC-178). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10776
https://notcve.org/view.php?id=CVE-2016-10776
06 Aug 2019 — cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174). cPanel anterior a versión 60.0.25, permite un ataque de tipo XSS almacenado durante la fase de eliminación de homedir de una finalización de Cuenta de WHM (SEC-174). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10775
https://notcve.org/view.php?id=CVE-2016-10775
05 Aug 2019 — cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173). cPanel anterior a versión 60.0.25, permite operaciones file-chown arbitrarias por medio de la función reassign_post_terminate_cruft (SEC-173). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-10772
https://notcve.org/view.php?id=CVE-2016-10772
05 Aug 2019 — cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). cPanel anterior a versión 60.0.25, no aplica restricciones de lista de funcionalidades cuando se llama a adminbin multilang (SEC-168). • https://documentation.cpanel.net/display/CL/60+Change+Log • CWE-254: 7PK - Security Features •