Cpanel

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-10833 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
CVE-2016-10832 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
CVE-2016-10831 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
CVE-2016-10830 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).
CVE-2016-10829 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).
CVE-2016-10828 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).
CVE-2016-10827 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).
CVE-2016-10825 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92).
CVE-2016-10824 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 9.8 CRITICAL· v3 9.3 HIGH· v2 cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
CVE-2016-10823 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).
CVE-2016-10822 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).
CVE-2018-20935 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 cPanel before 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412).
CVE-2018-20934 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411).
CVE-2018-20933 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action (SEC-410).
CVE-2018-20932 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 2.7 LOW· v3 4.0 MEDIUM· v2 cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
CVE-2018-20931 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405).
CVE-2018-20930 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401).
CVE-2018-20929 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392).
CVE-2018-20928 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391).
CVE-2018-20927 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.8 LOW· v3 2.1 LOW· v2 cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).

Previous 1...121314...22 Next