Cpanel

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-20953 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
CVE-2018-20952 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
CVE-2018-20951 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).
CVE-2018-20950 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).
CVE-2018-20949 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).
CVE-2018-20948 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).
CVE-2018-20947 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
CVE-2018-20946 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
CVE-2018-20945 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.7 MEDIUM· v3 7.9 HIGH· v2 bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
CVE-2018-20944 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
CVE-2018-20943 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 2.5 LOW· v3 1.9 LOW· v2 cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352).
CVE-2018-20942 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 2.5 LOW· v3 1.9 LOW· v2 cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).
CVE-2018-20941 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.6 MEDIUM· v3 4.7 MEDIUM· v2 cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).
CVE-2018-20940 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
CVE-2018-20939 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).
CVE-2018-20938 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 2.7 LOW· v3 4.0 MEDIUM· v2 cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
CVE-2018-20937 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).
CVE-2018-20936 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).
CVE-2016-10835 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
CVE-2016-10834 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).

Previous 1...111213...22 Next