Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0521

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-0521
Last Modified 10 Sep 2008 03:19:30
Published 18 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0521

Summary

Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.

Vulnerable Systems

Application

  • Cpanel 5.0

  • Cpanel 5.3

  • Cpanel 6.0

  • Cpanel 6.2

  • Cpanel 6.4

  • Cpanel 6.4.1

  • Cpanel 6.4.2

  • Cpanel 6.4.2 Stable 48


References

BUGTRAQ - 20030706 cPanel Malicious HTML Tags Injection Vulnerability


Last Updated: 27 May 2016 10:37:56