Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-07 | CVE-2016-10805 | cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). | Cpanel | 8.8 | ||
| 2019-08-07 | CVE-2016-10804 | The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). | Cpanel | 8.1 | ||
| 2019-08-07 | CVE-2016-10802 | cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142). | Cpanel | 8.8 | ||
| 2019-08-06 | CVE-2016-10789 | cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191). | Cpanel | 8.8 | ||
| 2019-08-06 | CVE-2016-10788 | cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188). | Cpanel | 8.8 | ||
| 2019-08-06 | CVE-2016-10787 | The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187). | Cpanel | 8.1 | ||
| 2019-08-06 | CVE-2016-10786 | cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186). | Cpanel | 6.5 | ||
| 2019-08-06 | CVE-2016-10779 | cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179). | Cpanel | 5.4 | ||
| 2019-08-05 | CVE-2016-10774 | cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172). | Cpanel | 5.4 | ||
| 2019-08-05 | CVE-2016-10773 | cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171). | Cpanel | 8.8 |