Filtered by vendor Cpanel Subscriptions
Filtered by product Cpanel Subscriptions
Total 417 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-20881 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446).
CVE-2018-20880 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).
CVE-2018-20879 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444).
CVE-2018-20878 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441).
CVE-2018-20877 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437).
CVE-2018-20876 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).
CVE-2018-20875 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433).
CVE-2018-20874 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).
CVE-2018-20873 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
CVE-2018-20870 1 Cpanel 1 Cpanel 2024-11-21 N/A
The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467).
CVE-2018-20869 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
CVE-2018-20868 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464).
CVE-2018-20867 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462).
CVE-2018-20866 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461).
CVE-2018-20865 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459).
CVE-2018-20864 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454).
CVE-2018-20863 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452).
CVE-2018-20862 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
CVE-2018-16236 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
CVE-2017-5614 1 Cpanel 1 Cpanel 2024-11-21 6.1 Medium
Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter.