Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20897 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). | ||||
| CVE-2018-20873 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | ||||
| CVE-2018-20935 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412). | ||||
| CVE-2018-20916 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370). | ||||
| CVE-2018-20914 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368). | ||||
| CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | ||||
| CVE-2018-20868 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | ||||
| CVE-2018-20866 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | ||||
| CVE-2018-20898 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396). | ||||
| CVE-2018-20899 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398). | ||||
| CVE-2018-20893 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). | ||||
| CVE-2018-20900 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows stored XSS in the YUM autorepair functionality (SEC-399). | ||||
| CVE-2018-20890 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). | ||||
| CVE-2018-20865 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). | ||||
| CVE-2018-20904 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). | ||||
| CVE-2018-20901 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface (SEC-400). | ||||
| CVE-2018-20889 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425). | ||||
| CVE-2018-16236 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering. | ||||
| CVE-2019-20493 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 6.1 Medium |
| cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520). | ||||
| CVE-2019-20495 | 1 Cpanel | 1 Cpanel | 2024-08-05 | 6.5 Medium |
| cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531). | ||||