Filtered by vendor Cpanel
Subscriptions
Filtered by product Cpanel
Subscriptions
Total
417 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20918 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372). | ||||
| CVE-2018-20908 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). | ||||
| CVE-2018-20880 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | ||||
| CVE-2018-20909 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338). | ||||
| CVE-2018-20892 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439). | ||||
| CVE-2018-20934 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411). | ||||
| CVE-2018-20896 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394). | ||||
| CVE-2018-20921 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375). | ||||
| CVE-2018-20882 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). | ||||
| CVE-2018-20878 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441). | ||||
| CVE-2018-20869 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | ||||
| CVE-2018-20884 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). | ||||
| CVE-2018-20905 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429). | ||||
| CVE-2018-20913 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364). | ||||
| CVE-2018-20886 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). | ||||
| CVE-2018-20925 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | ||||
| CVE-2018-20927 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). | ||||
| CVE-2018-20919 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373). | ||||
| CVE-2018-20915 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369). | ||||
| CVE-2018-20902 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408). | ||||