Filtered by vendor Cpanel
Subscribe
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-20926 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). | |||||
CVE-2017-18419 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266). | |||||
CVE-2018-20891 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). | |||||
CVE-2018-20896 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.3 LOW | 3.9 LOW |
cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394). | |||||
CVE-2016-10807 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112). | |||||
CVE-2018-20933 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action (SEC-410). | |||||
CVE-2017-18445 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). | |||||
CVE-2017-18476 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | |||||
CVE-2017-18438 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242). | |||||
CVE-2016-10839 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71). | |||||
CVE-2016-10847 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). | |||||
CVE-2016-10771 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). | |||||
CVE-2019-14414 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 3.3 LOW |
In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478). | |||||
CVE-2018-20922 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376). | |||||
CVE-2016-10828 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | |||||
CVE-2017-18462 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). | |||||
CVE-2016-10789 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191). | |||||
CVE-2017-18417 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263). | |||||
CVE-2016-10843 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76). | |||||
CVE-2016-10819 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125). |