Filtered by vendor Cpanel
Subscriptions
Filtered by product Cpanel
Subscriptions
Total
417 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20903 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface (SEC-421). | ||||
| CVE-2018-20911 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup (SEC-359). | ||||
| CVE-2018-20906 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). | ||||
| CVE-2018-20877 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437). | ||||
| CVE-2018-20912 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362). | ||||
| CVE-2018-20907 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432). | ||||
| CVE-2018-20888 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424). | ||||
| CVE-2018-20875 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). | ||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | ||||
| CVE-2018-20894 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443). | ||||
| CVE-2018-20863 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | ||||
| CVE-2018-20897 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). | ||||
| CVE-2018-20873 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | ||||
| CVE-2018-20935 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412). | ||||
| CVE-2018-20916 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370). | ||||
| CVE-2018-20914 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368). | ||||
| CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | ||||
| CVE-2018-20868 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | ||||
| CVE-2018-20866 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | ||||
| CVE-2018-20898 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396). | ||||