Filtered by vendor Cpanel
Subscribe
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10826 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93). | |||||
CVE-2016-10815 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120). | |||||
CVE-2016-10808 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113). | |||||
CVE-2016-10798 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.9 MEDIUM | 6.8 MEDIUM |
cPanel before 58.0.4 allows a file-ownership change (to nobody) via rearrangeacct (SEC-134). | |||||
CVE-2019-14410 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 3.3 LOW |
Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). | |||||
CVE-2017-18408 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282). | |||||
CVE-2018-20876 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434). | |||||
CVE-2016-10850 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83). | |||||
CVE-2017-18382 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 2.7 LOW |
cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306). | |||||
CVE-2018-20918 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372). | |||||
CVE-2016-10783 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182). | |||||
CVE-2018-20902 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408). | |||||
CVE-2016-10859 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). | |||||
CVE-2016-10782 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181). | |||||
CVE-2017-18441 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 5.0 MEDIUM |
cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245). | |||||
CVE-2018-20924 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 7.5 HIGH | 5.5 MEDIUM |
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378). | |||||
CVE-2017-18413 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299). | |||||
CVE-2016-10777 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177). | |||||
CVE-2018-20889 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.6 LOW | 4.4 MEDIUM |
cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425). | |||||
CVE-2016-10802 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142). |