Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-02 | CVE-2017-18390 | cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322). | Cpanel | 7.8 | ||
| 2019-08-02 | CVE-2017-18389 | cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318). | Cpanel | 6.3 | ||
| 2019-08-01 | CVE-2016-10859 | cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). | Cpanel | 8.1 | ||
| 2019-08-01 | CVE-2016-10853 | cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86). | Cpanel | 5.4 | ||
| 2019-08-01 | CVE-2016-10852 | cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2016-10849 | cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2016-10848 | cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). | Cpanel | 7.2 | ||
| 2019-08-01 | CVE-2016-10847 | cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). | Cpanel | 8.1 | ||
| 2019-08-01 | CVE-2016-10846 | cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79). | Cpanel | 8.1 | ||
| 2019-08-01 | CVE-2016-10845 | cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78). | Cpanel | 8.1 |