CVE-2009-4823

Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cpanel:cpanel:11.0:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.4.19:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.16:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.18:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.18.1:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.18.2:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.18.3:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.18.4:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.19.3:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.21:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.21:beta:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.22:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.22.1:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.22.2:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.22.3:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.24:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:11.24.7:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-04-27 15:30

Updated : 2024-02-04 17:54


NVD link : CVE-2009-4823

Mitre link : CVE-2009-4823

CVE.ORG link : CVE-2009-4823


JSON object : View

Products Affected

cpanel

  • cpanel
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')