Filtered by vendor Cpanel
Subscriptions
Filtered by product Cpanel
Subscriptions
Total
417 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20899 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398). | ||||
CVE-2018-20893 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). | ||||
CVE-2018-20900 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 71.9980.37 allows stored XSS in the YUM autorepair functionality (SEC-399). | ||||
CVE-2018-20890 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). | ||||
CVE-2018-20865 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). | ||||
CVE-2018-20904 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). | ||||
CVE-2018-20901 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface (SEC-400). | ||||
CVE-2018-20889 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425). | ||||
CVE-2018-16236 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering. | ||||
CVE-2019-20493 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 6.1 Medium |
cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520). | ||||
CVE-2019-20495 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 6.5 Medium |
cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531). | ||||
CVE-2019-20498 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 9.8 Critical |
cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534). | ||||
CVE-2019-20491 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 5.4 Medium |
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). | ||||
CVE-2019-20494 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 3.3 Low |
In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525). | ||||
CVE-2019-20497 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 5.4 Medium |
cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533). | ||||
CVE-2019-20492 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 8.8 High |
cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516). | ||||
CVE-2019-20496 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 5.5 Medium |
cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532). | ||||
CVE-2019-20490 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 8.8 High |
cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499). | ||||
CVE-2019-17380 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 6.1 Medium |
cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528). | ||||
CVE-2019-17379 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 6.1 Medium |
cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527). |