Filtered by vendor Cpanel
Subscribe
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17376 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 82.0.15 allows self XSS in the SSL Certificate Upload interface (SEC-521). | |||||
CVE-2019-17377 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC-524). | |||||
CVE-2018-20940 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 3.3 LOW |
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342). | |||||
CVE-2018-20866 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | |||||
CVE-2016-10781 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). | |||||
CVE-2017-18424 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 3.3 LOW |
In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274). | |||||
CVE-2017-18454 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262). | |||||
CVE-2018-20925 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | |||||
CVE-2016-10817 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123). | |||||
CVE-2016-10785 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185). | |||||
CVE-2018-20899 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398). | |||||
CVE-2016-10769 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162). | |||||
CVE-2018-20875 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). | |||||
CVE-2018-20894 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 3.3 LOW |
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443). | |||||
CVE-2017-18384 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 2.1 LOW | 3.8 LOW |
cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). | |||||
CVE-2017-18404 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.9 MEDIUM | 3.1 LOW |
cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341). | |||||
CVE-2017-18462 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). | |||||
CVE-2016-10831 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101). | |||||
CVE-2017-18474 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.8 MEDIUM | 6.5 MEDIUM |
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201). | |||||
CVE-2018-20952 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388). |