Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-10768 | 1 Cpanel | 1 Cpanel | 2024-08-06 | N/A |
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161). | ||||
CVE-2017-18446 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250). | ||||
CVE-2017-18462 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). | ||||
CVE-2017-18441 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245). | ||||
CVE-2017-18465 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 does not have a sufficient list of reserved usernames (SEC-227). | ||||
CVE-2017-18473 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199). | ||||
CVE-2017-18432 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234). | ||||
CVE-2017-18460 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221). | ||||
CVE-2017-18470 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196). | ||||
CVE-2017-18476 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | ||||
CVE-2017-18472 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198). | ||||
CVE-2017-18458 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). | ||||
CVE-2017-18480 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). | ||||
CVE-2017-18474 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201). | ||||
CVE-2017-18464 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226). | ||||
CVE-2017-18445 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). | ||||
CVE-2017-18477 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206). | ||||
CVE-2017-18434 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237). | ||||
CVE-2017-18466 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228). | ||||
CVE-2017-18467 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). |