Filtered by vendor Cpanel
Subscribe
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10804 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 8.7 HIGH | 8.1 HIGH |
| The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). | |||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.4 MEDIUM | 6.5 MEDIUM |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | |||||
| CVE-2016-10854 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87). | |||||
| CVE-2018-20890 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). | |||||
| CVE-2017-18439 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.5 MEDIUM | 6.3 MEDIUM |
| cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243). | |||||
| CVE-2018-20893 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 2.3 LOW |
| cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). | |||||
| CVE-2016-10860 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66). | |||||
| CVE-2017-18467 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). | |||||
| CVE-2018-20913 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 4.9 MEDIUM |
| cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364). | |||||
| CVE-2017-18448 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252). | |||||
| CVE-2017-18398 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.5 MEDIUM | 3.8 LOW |
| DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). | |||||
| CVE-2016-10842 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74). | |||||
| CVE-2018-20883 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 74.0.8 allows FTP access during account suspension (SEC-449). | |||||
| CVE-2017-18396 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329). | |||||
| CVE-2017-18401 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 2.7 LOW |
| cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334). | |||||
| CVE-2017-18417 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263). | |||||
| CVE-2018-20947 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | |||||
| CVE-2018-20891 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). | |||||
| CVE-2018-20926 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). | |||||
| CVE-2017-18480 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). | |||||