Filtered by vendor Cpanel
Subscribe
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10767 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159). | |||||
CVE-2017-18452 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259). | |||||
CVE-2016-10813 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118). | |||||
CVE-2016-10823 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | |||||
CVE-2017-18432 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 7.8 HIGH |
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234). | |||||
CVE-2017-18409 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283). | |||||
CVE-2017-18464 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.5 MEDIUM | 4.9 MEDIUM |
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226). | |||||
CVE-2019-14390 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). | |||||
CVE-2017-18426 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 2.7 LOW |
cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). | |||||
CVE-2016-10805 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). | |||||
CVE-2017-18476 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | |||||
CVE-2019-14405 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). | |||||
CVE-2018-20884 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). | |||||
CVE-2016-10774 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172). | |||||
CVE-2016-10857 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). | |||||
CVE-2016-10832 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). | |||||
CVE-2016-10812 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117). | |||||
CVE-2017-18458 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.6 LOW | 3.3 LOW |
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). | |||||
CVE-2016-10830 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). | |||||
CVE-2016-10810 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115). |