Filtered by vendor Cpanel
Subscribe
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18385 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311). | |||||
| CVE-2017-18384 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 3.8 LOW |
| cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). | |||||
| CVE-2017-18383 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309). | |||||
| CVE-2017-18382 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306). | |||||
| CVE-2017-11441 | 1 Cpanel | 1 Whm | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297. | |||||
| CVE-2016-10860 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66). | |||||
| CVE-2016-10859 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). | |||||
| CVE-2016-10858 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
| cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). | |||||
| CVE-2016-10857 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). | |||||
| CVE-2016-10856 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29). | |||||
| CVE-2016-10855 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91). | |||||
| CVE-2016-10854 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87). | |||||
| CVE-2016-10853 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86). | |||||
| CVE-2016-10852 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85). | |||||
| CVE-2016-10851 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84). | |||||
| CVE-2016-10850 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83). | |||||
| CVE-2016-10849 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). | |||||
| CVE-2016-10848 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). | |||||
| CVE-2016-10847 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). | |||||
| CVE-2016-10846 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 8.5 HIGH | 8.1 HIGH |
| cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79). | |||||