Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-02 | CVE-2017-18402 | cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336). | Cpanel | 5.4 | ||
| 2019-08-02 | CVE-2017-18401 | cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334). | Cpanel | 2.7 | ||
| 2019-08-02 | CVE-2017-18400 | cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333). | Cpanel | 7.8 | ||
| 2019-08-02 | CVE-2017-18399 | cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332). | Cpanel | 3.7 | ||
| 2019-08-02 | CVE-2017-18398 | DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). | Cpanel | 3.8 | ||
| 2019-08-02 | CVE-2017-18397 | cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330). | Cpanel | 3.3 | ||
| 2019-08-02 | CVE-2017-18396 | cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329). | Cpanel | 5.5 | ||
| 2019-08-02 | CVE-2017-18395 | cPanel before 68.0.15 does not block a username of ssl (SEC-328). | Cpanel | 2.7 | ||
| 2019-08-06 | CVE-2016-10794 | cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154). | Cpanel | 6.5 | ||
| 2019-08-06 | CVE-2016-10792 | cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141). | Cpanel | 8.8 |