cPanel Remote Backup Information Disclosure Vulnerability
PVS ID: 4107 FAMILY: Web Servers RISK: HIGH NESSUS ID: Not Available
Description: Synopsis :

The remote host is vulnerable to multiple attack vectors.

The remote host is running a version of cPanel which is older than 10.9.1 or 11.4.19.
The remote version of this software is vulnerable to a cross-site scripting (XSS) flaw in the 'scgiwrap' script. To exploit this flaw, an attacker would need to be able to coerce a user into browsing a malicious URI. In addition, this version of cPanel is vulnerable to a 'Path Disclosure' flaw. Successful exploitation would result in the attacker gaining knowledge of the physical location of the different web files.
CVSS Base Score : 7.8
CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Solution: Upgrade to the newest version of cPanel or disable this service.

CVE-2007-3367