← Back

Cpanel

cpanel

426 CVEs • 6 products

Products (6)

Click to collapse
Toggle
Cpanel
cpanel
417 CVEs
Webhost Manager
webhost_manager
5 CVEs
Cgiecho
cgiecho
3 CVEs
Cgiemail
cgiemail
3 CVEs
Whm
whm
3 CVEs
Wp Squared
wp_squared
1 CVE

CVEs (426)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-20892
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439).
CVE-2018-20891
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).
CVE-2018-20890
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426).
CVE-2018-20889
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
4.4 MEDIUM· v3
3.6 LOW· v2
cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425).
CVE-2018-20888
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).
CVE-2018-20887
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).
CVE-2018-20886
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.3 MEDIUM· v3
4.6 MEDIUM· v2
cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).
CVE-2018-20885
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).
CVE-2018-20884
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367).
CVE-2018-20883
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
cPanel before 74.0.8 allows FTP access during account suspension (SEC-449).
CVE-2018-20882
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
6.8 MEDIUM· v3
6.6 MEDIUM· v2
cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447).
CVE-2018-20881
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446).
CVE-2018-20880
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).
CVE-2018-20879
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
6.3 MEDIUM· v3
6.5 MEDIUM· v2
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444).
CVE-2018-20878
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441).
CVE-2018-20877
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437).
CVE-2018-20876
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).
CVE-2018-20875
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433).
CVE-2018-20874
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).
CVE-2018-20873
1Cpanel
1Cpanel
Nov 21, 2024
Aug 1, 2019
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).