Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-06 | CVE-2016-10791 | cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559). | Cpanel | 5.3 | ||
| 2019-08-01 | CVE-2018-20945 | bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). | Cpanel | 5.7 | ||
| 2019-08-01 | CVE-2018-20937 | cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321). | Cpanel | 4.3 | ||
| 2019-08-01 | CVE-2018-20934 | cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2018-20932 | cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | Cpanel | 2.7 | ||
| 2019-08-01 | CVE-2018-20931 | cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405). | Cpanel | 6.3 | ||
| 2019-08-01 | CVE-2018-20930 | cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401). | Cpanel | 6.5 | ||
| 2019-08-01 | CVE-2018-20927 | cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). | Cpanel | 3.8 | ||
| 2019-08-01 | CVE-2018-20925 | cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | Cpanel | 6.7 | ||
| 2019-08-01 | CVE-2018-20898 | cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396). | Cpanel | 4.3 |