Unrated severityNVD Advisory· Published Nov 14, 2006· Updated Apr 23, 2026

CVE-2006-5883

Description

Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.

Affected products

CPanel/Cpanel
cpe:2.3:a:cpanel:cpanel:10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

aria-security.net/advisory/cpanel.txtnvdExploitVendor Advisory
www.securityfocus.com/bid/21027nvdExploit
secunia.com/advisories/22825nvd
securityreason.com/securityalert/1847nvd
www.osvdb.org/30386nvd
www.osvdb.org/30387nvd
www.securityfocus.com/archive/1/451374/100/0/threadednvd
www.vupen.com/english/advisories/2006/4500nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000