Filtered by vendor Cpanel
Subscriptions
Filtered by product Cpanel
Subscriptions
Total
417 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-18473 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199). | ||||
CVE-2017-18432 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234). | ||||
CVE-2017-18460 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221). | ||||
CVE-2017-18470 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196). | ||||
CVE-2017-18476 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | ||||
CVE-2017-18458 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). | ||||
CVE-2017-18472 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198). | ||||
CVE-2017-18480 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). | ||||
CVE-2017-18474 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201). | ||||
CVE-2017-18464 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226). | ||||
CVE-2017-18477 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206). | ||||
CVE-2017-18445 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). | ||||
CVE-2017-18434 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237). | ||||
CVE-2017-18466 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228). | ||||
CVE-2017-18467 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). | ||||
CVE-2017-18454 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262). | ||||
CVE-2017-18456 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217). | ||||
CVE-2017-18469 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233). | ||||
CVE-2017-18459 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220). | ||||
CVE-2017-18478 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207). |