Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-05 | CVE-2016-10772 | cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). | Cpanel | 3.3 | ||
| 2019-08-05 | CVE-2016-10771 | cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). | Cpanel | 8.1 | ||
| 2019-08-05 | CVE-2016-10770 | cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). | Cpanel | 6.5 | ||
| 2019-08-05 | CVE-2016-10767 | cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159). | Cpanel | 5.4 | ||
| 2019-08-01 | CVE-2018-20953 | cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389). | Cpanel | 6.1 | ||
| 2019-08-01 | CVE-2018-20952 | cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2018-20947 | cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | Cpanel | 5.5 | ||
| 2019-08-01 | CVE-2018-20941 | cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). | Cpanel | 5.6 | ||
| 2019-08-01 | CVE-2018-20938 | cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324). | Cpanel | 2.7 | ||
| 2019-08-01 | CVE-2018-20929 | cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392). | Cpanel | 6.1 |