Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2003-0521

Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.

  • Published: Aug 18, 2003
  • Updated: Apr 13, 2023
  • CVE: CVE-2003-0521
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
cpanel / cpanel 6.4 6.4.x
cpanel / cpanel 5.3 5.3.x
cpanel / cpanel 5.0 5.0.x
cpanel / cpanel 6.0 6.0.x
cpanel / cpanel 6.4.1 6.4.1.x
cpanel / cpanel 6.4.2_stable_48 6.4.2_stable_48.x
cpanel / cpanel 6.4.2 6.4.2.x
cpanel / cpanel 6.2 6.2.x