VYPR

Cpanel

by CPanel

CVEs (413)

  • CVE-2016-10826Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).

  • CVE-2016-10822Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).

  • CVE-2016-10823Aug 1, 2019
    risk 0.00cvss epss 0.02

    cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).

  • CVE-2016-10824Aug 1, 2019
    risk 0.00cvss epss 0.03

    cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).

  • CVE-2016-10825Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92).

  • CVE-2016-10827Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).

  • CVE-2016-10828Aug 1, 2019
    risk 0.00cvss epss 0.03

    cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).

  • CVE-2016-10829Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).

  • CVE-2016-10830Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).

  • CVE-2016-10831Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).

  • CVE-2018-20953Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).

  • CVE-2018-20952Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).

  • CVE-2018-20951Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).

  • CVE-2018-20950Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).

  • CVE-2018-20949Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).

  • CVE-2018-20948Aug 1, 2019
    risk 0.00cvss epss 0.01

    cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).

  • CVE-2018-20947Aug 1, 2019
    risk 0.00cvss epss 0.00

    cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).

  • CVE-2018-20946Aug 1, 2019
    risk 0.00cvss epss 0.00

    cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).

  • CVE-2018-20945Aug 1, 2019
    risk 0.00cvss epss 0.01

    bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).

  • CVE-2018-20944Aug 1, 2019
    risk 0.00cvss epss 0.00

    cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).

Page 13 of 21