Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20929 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392). | ||||
| CVE-2018-20910 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows self XSS in the WHM cPAddons showsecurity Interface (SEC-357). | ||||
| CVE-2018-20881 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446). | ||||
| CVE-2018-20932 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | ||||
| CVE-2018-20885 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416). | ||||
| CVE-2018-20870 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467). | ||||
| CVE-2018-20923 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377). | ||||
| CVE-2018-20928 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391). | ||||
| CVE-2018-20874 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428). | ||||
| CVE-2018-20918 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372). | ||||
| CVE-2018-20908 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). | ||||
| CVE-2018-20880 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | ||||
| CVE-2018-20909 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338). | ||||
| CVE-2018-20892 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439). | ||||
| CVE-2018-20934 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411). | ||||
| CVE-2018-20896 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394). | ||||
| CVE-2018-20921 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375). | ||||
| CVE-2018-20882 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). | ||||
| CVE-2018-20878 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441). | ||||
| CVE-2018-20869 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | ||||