Total
417 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10829 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99). | |||||
CVE-2015-9291 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221). | |||||
CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | |||||
CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.4 MEDIUM | 6.5 MEDIUM |
cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | |||||
CVE-2017-18398 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.5 MEDIUM | 3.8 LOW |
DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). | |||||
CVE-2018-20932 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 2.7 LOW |
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | |||||
CVE-2017-18458 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.6 LOW | 3.3 LOW |
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). | |||||
CVE-2018-20868 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | |||||
CVE-2017-18411 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 6.8 MEDIUM |
The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285). | |||||
CVE-2018-20950 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | |||||
CVE-2016-10775 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173). | |||||
CVE-2016-10769 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162). | |||||
CVE-2017-18439 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243). | |||||
CVE-2016-10815 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120). | |||||
CVE-2018-20947 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | |||||
CVE-2018-20952 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388). | |||||
CVE-2016-10796 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 3.3 LOW |
cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130). | |||||
CVE-2018-20901 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface (SEC-400). | |||||
CVE-2019-14390 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). | |||||
CVE-2019-14386 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). |