Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-02 | CVE-2017-18452 | cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259). | Cpanel | 6.7 | ||
| 2019-08-02 | CVE-2017-18446 | cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250). | Cpanel | 6.3 | ||
| 2019-08-01 | CVE-2016-10814 | cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). | Cpanel | 8.8 | ||
| 2019-08-02 | CVE-2017-18431 | cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941). | Cpanel | 7.5 | ||
| 2019-08-02 | CVE-2017-18404 | cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341). | Cpanel | 3.1 | ||
| 2019-08-02 | CVE-2017-18403 | cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337). | Cpanel | 6.3 | ||
| 2019-08-02 | CVE-2017-18402 | cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336). | Cpanel | 5.4 | ||
| 2019-08-02 | CVE-2017-18401 | cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334). | Cpanel | 2.7 | ||
| 2019-08-02 | CVE-2017-18400 | cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333). | Cpanel | 7.8 | ||
| 2019-08-02 | CVE-2017-18399 | cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332). | Cpanel | 3.7 |