CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6548
https://notcve.org/view.php?id=CVE-2006-6548
14 Dec 2006 — Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to (1) scripts2/changeemail, (2) scripts2/limitbw, or (3) scripts/rearrangeacct. NOTE: the feature parameter to scripts2/dofeaturemanager is already covered by CVE-2006-6198. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en cPanel WebHost Manager (WHM) 3.1.0 permite a atacantes remotos autent... • http://securityreason.com/securityalert/2027 •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 9CVE-2006-6198 – cPanel WebHost Manager 3.1 - 'addon_configsupport.cgi?supporturl' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-6198
01 Dec 2006 — Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter to (b) cgi/addon_configsupport.cgi, the (3) pkg parameter to (c) scripts/editpkg, the (4) domain parameter to (d) scripts2/domts2 and (e) scripts/editzone, the (5) feature parameter to (g) scripts2/dofeaturemanager, and the (6) ndomain parameter to (h) scripts/p... • https://www.exploit-db.com/exploits/29183 •