9

CVE-2006-5014

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CpanelCpanel Version5.0
CpanelCpanel Version5.3
CpanelCpanel Version6.0
CpanelCpanel Version6.2
CpanelCpanel Version6.4
CpanelCpanel Version6.4.1
CpanelCpanel Version6.4.2
CpanelCpanel Version6.4.2_stable_48
CpanelCpanel Version7.0
CpanelCpanel Version8.0
CpanelCpanel Version9.0
CpanelCpanel Version9.1
CpanelCpanel Version9.1.0_r85
CpanelCpanel Version9.4.1_r64
CpanelCpanel Version9.9.1_r3
CpanelCpanel Version10.2.0_r82
CpanelCpanel Version10.6.0_r137
CpanelCpanel Version10.8.1_113
CpanelCpanel Version10.8.2_118
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.48% 0.802
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9 8 10
AV:N/AC:L/Au:S/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.