CVE-2004-1875

N/A Unknown
Published: March 30, 2004 Modified: April 16, 2026
View on NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) account parameter to ignorelist.html, (5) account parameter to showlog.html, (6) db parameter to repairdb.html, (7) login parameter to doaddftp.html (8) account parameter to editmsg.htm, or (9) ip parameter to del.html. NOTE: the dnslook.html vector was later reported to exist in cPanel 10.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://marc.info/?l=bugtraq&m=108066561608676&w=2
Source: cve@mitre.org
http://secunia.com/advisories/11244
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/22984
Source: cve@mitre.org
Vendor Advisory
http://www.aria-security.com/forum/showthread.php?t=30
Source: cve@mitre.org
http://www.cirt.net/advisories/cpanel_xss.shtml
Source: cve@mitre.org
Patch Vendor Advisory
http://www.osvdb.org/4208
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4209
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4210
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4211
Source: cve@mitre.org
http://www.osvdb.org/4212
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4213
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4214
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4215
Source: cve@mitre.org
Vendor Advisory
http://www.osvdb.org/4243
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/10002
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/21142
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2006/4658
Source: cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15671
Source: cve@mitre.org
http://marc.info/?l=bugtraq&m=108066561608676&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/11244
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/22984
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.aria-security.com/forum/showthread.php?t=30
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.cirt.net/advisories/cpanel_xss.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.osvdb.org/4208
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4209
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4210
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4211
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/4212
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4213
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4214
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4215
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/4243
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/10002
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/21142
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/4658
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15671
Source: af854a3a-2127-422b-91ae-364da2661108

36 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
8.9%
93th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

cpanel

Related CVEs

CVE-2026-6579 6.5
CVE-2026-6578 5.6
CVE-2026-6577 7.3
CVE-2026-6576 6.3
CVE-2026-6574 7.3