Total
417 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17379 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527). | |||||
CVE-2017-18416 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.6 LOW | 5.5 MEDIUM |
cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303). | |||||
CVE-2019-14396 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 3.3 LOW |
API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). | |||||
CVE-2019-14389 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 7.8 HIGH |
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). | |||||
CVE-2018-20941 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.7 MEDIUM | 5.6 MEDIUM |
cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). | |||||
CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 8.5 HIGH | 7.5 HIGH |
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | |||||
CVE-2017-18406 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276). | |||||
CVE-2016-10827 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). | |||||
CVE-2018-20944 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 3.3 LOW |
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353). | |||||
CVE-2018-20923 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377). | |||||
CVE-2016-10805 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). | |||||
CVE-2019-14410 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 3.3 LOW |
Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). | |||||
CVE-2018-20917 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
cPanel before 70.0.23 allows any user to disable Solr (SEC-371). | |||||
CVE-2016-10785 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185). | |||||
CVE-2017-18393 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.0 MEDIUM | 2.7 LOW |
cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326). | |||||
CVE-2018-20925 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | |||||
CVE-2018-20931 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405). | |||||
CVE-2016-10823 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | |||||
CVE-2017-18464 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.5 MEDIUM | 4.9 MEDIUM |
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226). | |||||
CVE-2016-10790 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192). |