Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cpanel Subscribe
Total 425 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20913 1 Cpanel 1 Cpanel 2019-08-02 3.5 LOW 4.9 MEDIUM
cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364).
CVE-2018-20914 1 Cpanel 1 Cpanel 2019-08-02 4.9 MEDIUM 7.3 HIGH
In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368).
CVE-2018-20881 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446).
CVE-2018-20879 1 Cpanel 1 Cpanel 2019-08-01 6.5 MEDIUM 6.3 MEDIUM
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444).
CVE-2018-20878 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441).
CVE-2018-20877 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437).
CVE-2018-20876 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).
CVE-2018-20875 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433).
CVE-2018-20884 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367).
CVE-2018-20885 1 Cpanel 1 Cpanel 2019-08-01 5.0 MEDIUM 5.3 MEDIUM
cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).
CVE-2018-20887 1 Cpanel 1 Cpanel 2019-08-01 7.5 HIGH 9.8 CRITICAL
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).
CVE-2018-20910 1 Cpanel 1 Cpanel 2019-08-01 4.3 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows self XSS in the WHM cPAddons showsecurity Interface (SEC-357).
CVE-2018-20915 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369).
CVE-2018-20916 1 Cpanel 1 Cpanel 2019-08-01 3.5 LOW 5.4 MEDIUM
cPanel before 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370).
CVE-2018-20917 1 Cpanel 1 Cpanel 2019-08-01 2.1 LOW 5.5 MEDIUM
cPanel before 70.0.23 allows any user to disable Solr (SEC-371).
CVE-2018-20918 1 Cpanel 1 Cpanel 2019-08-01 4.3 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372).
CVE-2018-20919 1 Cpanel 1 Cpanel 2019-08-01 4.3 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373).
CVE-2018-20920 1 Cpanel 1 Cpanel 2019-08-01 4.3 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374).
CVE-2018-20921 1 Cpanel 1 Cpanel 2019-08-01 4.3 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).
CVE-2018-20922 1 Cpanel 1 Cpanel 2019-08-01 4.3 MEDIUM 6.1 MEDIUM
cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).