Filtered by vendor Cpanel
Subscribe
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10787 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 5.5 MEDIUM | 8.1 HIGH |
| The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187). | |||||
| CVE-2016-10788 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188). | |||||
| CVE-2016-10774 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172). | |||||
| CVE-2016-10779 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179). | |||||
| CVE-2016-10789 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191). | |||||
| CVE-2016-10770 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 5.5 MEDIUM | 6.5 MEDIUM |
| cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). | |||||
| CVE-2017-18457 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 4.9 MEDIUM | 4.4 MEDIUM |
| cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218). | |||||
| CVE-2016-10804 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 8.7 HIGH | 8.1 HIGH |
| The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). | |||||
| CVE-2016-10802 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142). | |||||
| CVE-2016-10811 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116). | |||||
| CVE-2016-10810 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115). | |||||
| CVE-2016-10809 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114). | |||||
| CVE-2016-10807 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112). | |||||
| CVE-2018-20942 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 1.9 LOW | 2.5 LOW |
| cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). | |||||
| CVE-2016-10805 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). | |||||
| CVE-2017-18437 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 3.6 LOW | 4.4 MEDIUM |
| cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240). | |||||
| CVE-2018-20938 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 4.0 MEDIUM | 2.7 LOW |
| cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324). | |||||
| CVE-2017-18433 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236). | |||||
| CVE-2016-10849 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). | |||||
| CVE-2017-18439 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243). | |||||