Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20881 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446). | ||||
| CVE-2018-20880 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | ||||
| CVE-2018-20879 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | ||||
| CVE-2018-20878 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441). | ||||
| CVE-2018-20877 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437). | ||||
| CVE-2018-20876 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434). | ||||
| CVE-2018-20875 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). | ||||
| CVE-2018-20874 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428). | ||||
| CVE-2018-20873 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | ||||
| CVE-2018-20870 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467). | ||||
| CVE-2018-20869 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | ||||
| CVE-2018-20868 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | ||||
| CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | ||||
| CVE-2018-20866 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | ||||
| CVE-2018-20865 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). | ||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | ||||
| CVE-2018-20863 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | ||||
| CVE-2018-20862 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). | ||||
| CVE-2018-16236 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering. | ||||
| CVE-2017-5616 | 1 Cpanel | 2 Cgiecho, Cgiemail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. | ||||