Filtered by vendor Cpanel
Subscribe
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20881 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446). | |||||
| CVE-2018-20880 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | |||||
| CVE-2018-20879 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | |||||
| CVE-2018-20878 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441). | |||||
| CVE-2018-20877 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437). | |||||
| CVE-2018-20876 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434). | |||||
| CVE-2018-20875 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). | |||||
| CVE-2018-20874 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428). | |||||
| CVE-2018-20873 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | |||||
| CVE-2018-20870 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467). | |||||
| CVE-2018-20869 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | |||||
| CVE-2018-20868 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | |||||
| CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | |||||
| CVE-2018-20866 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | |||||
| CVE-2018-20865 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). | |||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | |||||
| CVE-2018-20863 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | |||||
| CVE-2018-20862 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). | |||||
| CVE-2018-16236 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering. | |||||
| CVE-2017-5616 | 1 Cpanel | 2 Cgiecho, Cgiemail | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. | |||||