Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-02 | CVE-2017-18398 | DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). | Cpanel | 3.8 | ||
| 2019-08-02 | CVE-2017-18397 | cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330). | Cpanel | 3.3 | ||
| 2019-08-02 | CVE-2017-18396 | cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329). | Cpanel | 5.5 | ||
| 2019-08-02 | CVE-2017-18395 | cPanel before 68.0.15 does not block a username of ssl (SEC-328). | Cpanel | 2.7 | ||
| 2019-08-06 | CVE-2016-10794 | cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154). | Cpanel | 6.5 | ||
| 2019-08-06 | CVE-2016-10792 | cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141). | Cpanel | 8.8 | ||
| 2019-08-06 | CVE-2016-10791 | cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559). | Cpanel | 5.3 | ||
| 2019-08-01 | CVE-2018-20945 | bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). | Cpanel | 5.7 | ||
| 2019-08-01 | CVE-2018-20937 | cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321). | Cpanel | 4.3 | ||
| 2019-08-01 | CVE-2018-20934 | cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411). | Cpanel | 6.5 |