NVD

Id
72253  
Name
CVE-2004-1875  
Description
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) account parameter to ignorelist.html, (5) account parameter to showlog.html, (6) db parameter to repairdb.html, (7) login parameter to doaddftp.html (8) account parameter to editmsg.htm, or (9) ip parameter to del.html. NOTE: the dnslook.html vector was later reported to exist in cPanel 10.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2004-03-30  
Modified Date
2017-07-10  
Seq
2004-1875  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
373074 72253 CVE-2004-1875 20040330 Exensive cPanel Cross Site Scripting  View
373075 72253 CVE-2004-1875 http://www.aria-security.com/forum/showthread.php?t=30  View
373076 72253 CVE-2004-1875 http://www.cirt.net/advisories/cpanel_xss.shtml  View
373077 72253 CVE-2004-1875 10002  View
373078 72253 CVE-2004-1875 21142  View
373079 72253 CVE-2004-1875 ADV-2006-4658  View
373080 72253 CVE-2004-1875 cpanel-multiple-scripts-xss(15671)  View

Related JVN