Filtered by vendor Cpanel
Subscriptions
Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20868 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | ||||
| CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | ||||
| CVE-2018-20866 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | ||||
| CVE-2018-20865 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). | ||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | ||||
| CVE-2018-20863 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | ||||
| CVE-2018-20862 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). | ||||
| CVE-2018-16236 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering. | ||||
| CVE-2017-18482 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213). | ||||
| CVE-2017-18481 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211). | ||||
| CVE-2017-18480 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). | ||||
| CVE-2017-18479 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209). | ||||
| CVE-2017-18478 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207). | ||||
| CVE-2017-18477 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206). | ||||
| CVE-2017-18476 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | ||||
| CVE-2017-18475 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204). | ||||
| CVE-2017-18474 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201). | ||||
| CVE-2017-18473 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199). | ||||
| CVE-2017-18472 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198). | ||||
| CVE-2017-18471 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197). | ||||