Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20884 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). | ||||
| CVE-2018-20905 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429). | ||||
| CVE-2018-20913 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364). | ||||
| CVE-2018-20886 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). | ||||
| CVE-2018-20925 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | ||||
| CVE-2018-20927 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). | ||||
| CVE-2018-20919 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373). | ||||
| CVE-2018-20915 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369). | ||||
| CVE-2018-20902 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408). | ||||
| CVE-2018-20903 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface (SEC-421). | ||||
| CVE-2018-20911 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup (SEC-359). | ||||
| CVE-2018-20906 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). | ||||
| CVE-2018-20877 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437). | ||||
| CVE-2018-20912 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362). | ||||
| CVE-2018-20907 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432). | ||||
| CVE-2018-20888 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424). | ||||
| CVE-2018-20875 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). | ||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | ||||
| CVE-2018-20894 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443). | ||||
| CVE-2018-20863 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | ||||