Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-03-17 | CVE-2020-10119 | cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2020-10118 | cPanel before 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2020-10114 | cPanel before 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2020-10113 | cPanel before 84.0.20 allows self XSS via a temporary character-set specification (SEC-515). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2019-20498 | cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2019-20497 | cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2019-20496 | cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2019-20492 | cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516). | Cpanel | N/A | ||
| 2020-03-16 | CVE-2019-20491 | cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). | Cpanel | N/A | ||
| 2020-03-17 | CVE-2019-20490 | cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499). | Cpanel | N/A |