Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cpanel Subscribe
Filtered by product Cpanel
Total 416 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10785 1 Cpanel 1 Cpanel 2019-08-08 4.0 MEDIUM 6.5 MEDIUM
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185).
CVE-2017-18456 1 Cpanel 1 Cpanel 2019-08-08 4.3 MEDIUM 6.1 MEDIUM
cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217).
CVE-2018-20947 1 Cpanel 1 Cpanel 2019-08-08 2.1 LOW 5.5 MEDIUM
cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
CVE-2018-20952 1 Cpanel 1 Cpanel 2019-08-08 4.0 MEDIUM 6.5 MEDIUM
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
CVE-2016-10845 1 Cpanel 1 Cpanel 2019-08-08 6.5 MEDIUM 8.1 HIGH
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).
CVE-2018-20953 1 Cpanel 1 Cpanel 2019-08-08 4.3 MEDIUM 6.1 MEDIUM
cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
CVE-2016-10846 1 Cpanel 1 Cpanel 2019-08-08 8.5 HIGH 8.1 HIGH
cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79).
CVE-2016-10843 1 Cpanel 1 Cpanel 2019-08-08 5.5 MEDIUM 8.1 HIGH
cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76).
CVE-2016-10768 1 Cpanel 1 Cpanel 2019-08-08 5.5 MEDIUM 6.5 MEDIUM
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).
CVE-2016-10769 1 Cpanel 1 Cpanel 2019-08-08 5.8 MEDIUM 6.1 MEDIUM
cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).
CVE-2016-10776 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
CVE-2016-10777 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).
CVE-2016-10780 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).
CVE-2016-10778 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
CVE-2016-10781 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).
CVE-2016-10782 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).
CVE-2016-10784 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184).
CVE-2016-10783 1 Cpanel 1 Cpanel 2019-08-08 3.5 LOW 5.4 MEDIUM
cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182).
CVE-2018-20941 1 Cpanel 1 Cpanel 2019-08-08 4.7 MEDIUM 5.6 MEDIUM
cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).
CVE-2018-20929 1 Cpanel 1 Cpanel 2019-08-08 5.8 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392).