VDB
CVE-2008-2043
CVE-2008-2043
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3) frontend/x2/sql/adduser.html, and (4) frontend/x2/ftp/doaddftp.html.
EPSS 0.47% · 64.9th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.47%
64.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| cpanel | cpanel | 11.18.3, 11.19.3 |
Timeline
- May 1, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 30027 third-party-advisory
- ADV-2008-1401 vdb
- http://www.rooksecurity.com/blog/?p=7 url
- VU#584089 third-party-advisory
- cpanel-http-csrf(42114) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-2043 advisory