Filtered by vendor Cpanel
Subscribe
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18432 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 2.1 LOW | 7.8 HIGH |
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234). | |||||
CVE-2017-18388 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315). | |||||
CVE-2017-18427 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 2.1 LOW | 3.3 LOW |
In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289). | |||||
CVE-2017-18449 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254). | |||||
CVE-2018-20869 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | |||||
CVE-2016-10854 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87). | |||||
CVE-2017-18474 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 6.8 MEDIUM | 6.5 MEDIUM |
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201). | |||||
CVE-2016-10781 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). | |||||
CVE-2018-20908 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). | |||||
CVE-2018-20879 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 6.5 MEDIUM | 6.3 MEDIUM |
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | |||||
CVE-2016-10795 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156). | |||||
CVE-2016-10815 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120). | |||||
CVE-2017-18433 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236). | |||||
CVE-2018-20884 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). | |||||
CVE-2019-14399 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 6.1 MEDIUM | 7.1 HIGH |
The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477). | |||||
CVE-2016-10828 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | |||||
CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 6.4 MEDIUM | 6.5 MEDIUM |
cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | |||||
CVE-2017-18478 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207). | |||||
CVE-2018-20897 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 3.3 LOW | 2.8 LOW |
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). | |||||
CVE-2017-18438 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 6.5 MEDIUM | 6.3 MEDIUM |
cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242). |