Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-01 | CVE-2018-20932 | cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | Cpanel | 2.7 | ||
| 2019-08-01 | CVE-2018-20931 | cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405). | Cpanel | 6.3 | ||
| 2019-08-01 | CVE-2018-20930 | cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2018-20927 | cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). | Cpanel | 3.8 | ||
| 2019-08-01 | CVE-2018-20925 | cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | Cpanel | 6.7 | ||
| 2019-08-01 | CVE-2018-20898 | cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396). | Cpanel | 4.3 | ||
| 2019-08-05 | CVE-2017-18482 | cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213). | Cpanel | 6.5 | ||
| 2019-08-05 | CVE-2017-18480 | cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). | Cpanel | 6.5 | ||
| 2019-08-05 | CVE-2017-18479 | In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209). | Cpanel | 6.5 | ||
| 2019-08-05 | CVE-2017-18478 | In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207). | Cpanel | 6.5 |