Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-05 | CVE-2016-10775 | cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2018-20943 | cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). | Cpanel | 2.5 | ||
| 2019-08-01 | CVE-2018-20942 | cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). | Cpanel | 2.5 | ||
| 2019-08-02 | CVE-2017-18457 | cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218). | Cpanel | 4.4 | ||
| 2019-08-02 | CVE-2017-18426 | cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). | Cpanel | 2.7 | ||
| 2019-08-02 | CVE-2017-18425 | In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280). | Cpanel | 2.5 | ||
| 2019-08-02 | CVE-2017-18391 | cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323). | Cpanel | 2.5 | ||
| 2019-08-02 | CVE-2017-18388 | cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315). | Cpanel | 7.8 | ||
| 2019-08-01 | CVE-2016-10858 | cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). | Cpanel | 9.8 | ||
| 2019-08-01 | CVE-2016-10857 | cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). | Cpanel | 6.5 |