Filtered by vendor Cpanel
Subscribe
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10781 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). | |||||
| CVE-2016-10782 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181). | |||||
| CVE-2016-10783 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182). | |||||
| CVE-2016-10784 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184). | |||||
| CVE-2018-20941 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.7 MEDIUM | 5.6 MEDIUM |
| cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). | |||||
| CVE-2018-20929 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392). | |||||
| CVE-2018-20928 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391). | |||||
| CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 8.5 HIGH | 7.5 HIGH |
| cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | |||||
| CVE-2018-20924 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 7.5 HIGH | 5.5 MEDIUM |
| cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378). | |||||
| CVE-2018-20890 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). | |||||
| CVE-2016-10844 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77). | |||||
| CVE-2018-20882 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 6.6 MEDIUM | 6.8 MEDIUM |
| cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). | |||||
| CVE-2016-10848 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 9.0 HIGH | 7.2 HIGH |
| cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). | |||||
| CVE-2016-10847 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). | |||||
| CVE-2016-10841 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 2.1 LOW | 5.3 MEDIUM |
| The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73). | |||||
| CVE-2018-20897 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 3.3 LOW | 2.8 LOW |
| cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). | |||||
| CVE-2018-20899 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398). | |||||
| CVE-2017-18389 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 6.5 MEDIUM | 6.3 MEDIUM |
| cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318). | |||||
| CVE-2017-18390 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 7.2 HIGH | 7.8 HIGH |
| cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322). | |||||
| CVE-2018-20873 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 2.1 LOW | 3.3 LOW |
| cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | |||||