CVE-2006-4293 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html or the (2) file parameter in (a) editit.html or (b) showfile.html.

Reference

http://secunia.com/advisories/21592 http://securityreason.com/securityalert/1442 http://www.osvdb.org/28041 http://www.osvdb.org/28042 http://www.osvdb.org/28043 http://www.securityfocus.com/archive/1/443637/100/0/threaded http://www.securityfocus.com/bid/19624 https://exchange.xforce.ibmcloud.com/vulnerabilities/28447