CVE-2007-0890

Published Feb 12, 2007

Last updated 6 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAE7E44B-47EB-44E6-8909-295B8612C271"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A74988D-80E0-4B28-95AF-D6EFDC7221F0"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03A9A37F-22E5-4B37-9015-296C9F110DA4"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24998E50-B477-4B22-90BF-C3F66E15FD9B"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1091EAE0-8355-4DFE-8469-CB8E0B270B8D"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:6.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24DD69B3-6EB5-4A81-A7BB-799E738E23CF"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:6.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "331E0D8F-D77F-4582-A27D-8CF3F73D4AF8"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:6.4.2_stable_48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "573F957A-A595-4D87-A204-FB54F5759225"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3D8DE9D-191D-47BC-8E85-AA6990C60410"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A54CCB7E-A70D-433A-A441-ABFC64C130D7"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E80D1C2A-881A-45BC-8264-24783B0054F9"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70EF3BD3-8466-41E2-AD35-C55909305C46"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:9.1.0_r85:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "667CFE82-4242-4CDB-9BBB-B79131AA926A"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:9.4.1_r64:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5965DEE-87EC-48F7-A145-0D4F6FA1B1AD"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:9.9.1_r3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D7CA174-C210-495D-A7FB-8118E75203F8"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:10.2.0_r82:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DB4702D-EB15-48F9-A611-C70D924982CE"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:10.6.0_r137:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E726334C-AAE6-4F75-87E1-74AA0225AE7C"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:10.8.1_113:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4F4A77A-A14F-4245-B2B7-7AC52F27DC33"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:10.8.1_build84:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63017CB6-87A9-4071-BD05-3DF327287DD9"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:10.8.2_118:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2694D93E-3007-4AAF-BBEC-883C4CF7C408"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:10.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36E521FE-1070-47C0-94D7-878A92C27659"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21E68BEE-8F02-4D92-AFE9-C26D9479139B"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F65B4DDB-DD92-4602-AF30-DC4945BE9C30"
          },
          {
            "criteria": "cpe:2.3:a:cpanel:webhost_manager:11_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CA5AD81-D28D-4BAA-A5A5-056593C40978"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References