Total
417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10841 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 5.3 MEDIUM |
| The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73). | |||||
| CVE-2016-10840 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72). | |||||
| CVE-2016-10839 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71). | |||||
| CVE-2016-10838 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70). | |||||
| CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 8.5 HIGH | 7.5 HIGH |
| cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | |||||
| CVE-2016-10836 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108). | |||||
| CVE-2016-10835 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). | |||||
| CVE-2016-10834 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). | |||||
| CVE-2016-10833 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104). | |||||
| CVE-2016-10832 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). | |||||
| CVE-2016-10831 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101). | |||||
| CVE-2016-10830 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). | |||||
| CVE-2016-10829 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99). | |||||
| CVE-2016-10828 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | |||||
| CVE-2016-10827 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). | |||||
| CVE-2016-10826 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93). | |||||
| CVE-2016-10825 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92). | |||||
| CVE-2016-10824 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
| cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). | |||||
| CVE-2016-10823 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | |||||
| CVE-2016-10822 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88). | |||||