Cpanel

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-20926 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).
CVE-2018-20925 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).
CVE-2018-20924 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.5 MEDIUM· v3 7.5 HIGH· v2 cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
CVE-2016-10849 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).
CVE-2016-10848 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
CVE-2016-10847 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80).
CVE-2016-10846 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 8.5 HIGH· v2 cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79).
CVE-2016-10845 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 6.5 MEDIUM· v2 cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).
CVE-2016-10844 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).
CVE-2016-10843 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76).
CVE-2016-10842 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
CVE-2016-10841 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.3 MEDIUM· v3 2.1 LOW· v2 The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73).
CVE-2016-10840 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
CVE-2016-10839 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).
CVE-2016-10838 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70).
CVE-2016-10837 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 7.5 HIGH· v3 8.5 HIGH· v2 cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
CVE-2016-10836 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).
CVE-2018-20923 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377).
CVE-2018-20922 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).
CVE-2018-20921 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).

Previous 1...131415...22 Next