Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20950 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | ||||
CVE-2018-20941 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). | ||||
CVE-2018-20936 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308). | ||||
CVE-2018-20937 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321). | ||||
CVE-2018-20938 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324). | ||||
CVE-2018-20933 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action (SEC-410). | ||||
CVE-2018-20876 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434). | ||||
CVE-2018-20917 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows any user to disable Solr (SEC-371). | ||||
CVE-2018-20891 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). | ||||
CVE-2018-20922 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376). | ||||
CVE-2018-20879 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | ||||
CVE-2018-20930 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401). | ||||
CVE-2018-20924 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378). | ||||
CVE-2018-20931 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405). | ||||
CVE-2018-20883 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.8 allows FTP access during account suspension (SEC-449). | ||||
CVE-2018-20895 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393). | ||||
CVE-2018-20862 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). | ||||
CVE-2018-20926 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). | ||||
CVE-2018-20887 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420). | ||||
CVE-2018-20920 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374). |