Filtered by vendor Cpanel
Subscriptions
Filtered by product Cpanel
Subscriptions
Total
417 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-14393 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486). | ||||
CVE-2019-14392 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). | ||||
CVE-2019-14391 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). | ||||
CVE-2019-14390 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). | ||||
CVE-2019-14389 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). | ||||
CVE-2019-14388 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). | ||||
CVE-2019-14387 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506). | ||||
CVE-2019-14386 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). | ||||
CVE-2018-20953 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389). | ||||
CVE-2018-20952 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388). | ||||
CVE-2018-20951 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387). | ||||
CVE-2018-20950 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | ||||
CVE-2018-20949 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385). | ||||
CVE-2018-20948 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383). | ||||
CVE-2018-20947 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | ||||
CVE-2018-20946 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355). | ||||
CVE-2018-20945 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). | ||||
CVE-2018-20944 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353). | ||||
CVE-2018-20943 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). | ||||
CVE-2018-20942 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). |