Filtered by vendor Cpanel
Subscribe
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18472 | 1 Cpanel | 1 Cpanel | 2019-08-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198). | |||||
| CVE-2017-18481 | 1 Cpanel | 1 Cpanel | 2019-08-07 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211). | |||||
| CVE-2016-10856 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29). | |||||
| CVE-2017-18463 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 7.2 HIGH | 7.8 HIGH |
| cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225). | |||||
| CVE-2017-18458 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 3.6 LOW | 3.3 LOW |
| cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). | |||||
| CVE-2017-18454 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262). | |||||
| CVE-2018-20874 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428). | |||||
| CVE-2018-20891 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 4.9 MEDIUM | 5.5 MEDIUM |
| cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). | |||||
| CVE-2018-20893 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 2.3 LOW |
| cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). | |||||
| CVE-2016-10813 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 3.5 LOW | 5.4 MEDIUM |
| cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118). | |||||
| CVE-2017-18382 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 4.0 MEDIUM | 2.7 LOW |
| cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306). | |||||
| CVE-2017-18383 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 4.6 MEDIUM | 7.8 HIGH |
| cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309). | |||||
| CVE-2017-18384 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 3.8 LOW |
| cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). | |||||
| CVE-2017-18385 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 5.5 MEDIUM |
| cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311). | |||||
| CVE-2017-18386 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 9.0 HIGH | 7.2 HIGH |
| cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313). | |||||
| CVE-2017-18422 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 3.3 LOW |
| In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272). | |||||
| CVE-2017-18424 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 3.3 LOW |
| In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274). | |||||
| CVE-2017-18423 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 3.3 LOW |
| In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). | |||||
| CVE-2017-18421 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 2.1 LOW | 3.3 LOW |
| cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271). | |||||
| CVE-2016-10855 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 10.0 HIGH | 9.8 CRITICAL |
| cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91). | |||||