Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (418 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-16236 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
CVE-2017-18482 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
CVE-2017-18481 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).
CVE-2017-18480 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
CVE-2017-18479 1 Cpanel 1 Cpanel 2024-11-21 N/A
In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).
CVE-2017-18478 1 Cpanel 1 Cpanel 2024-11-21 N/A
In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
CVE-2017-18477 1 Cpanel 1 Cpanel 2024-11-21 N/A
In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).
CVE-2017-18476 1 Cpanel 1 Cpanel 2024-11-21 N/A
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205).
CVE-2017-18475 1 Cpanel 1 Cpanel 2024-11-21 N/A
In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
CVE-2017-18474 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).
CVE-2017-18473 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199).
CVE-2017-18472 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198).
CVE-2017-18471 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).
CVE-2017-18470 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).
CVE-2017-18469 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233).
CVE-2017-18468 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232).
CVE-2017-18467 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229).
CVE-2017-18466 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228).
CVE-2017-18465 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.17 does not have a sufficient list of reserved usernames (SEC-227).
CVE-2017-18464 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226).