18 matches found
CVE-2016-10828
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path SEC-97...
cPanel Authorization Issues Vulnerability (CNVD-2020-04082)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. No detailed vulnerability details are currently availabl...
cPanel Security Feature Issue Vulnerability (CNVD-2020-03751)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. No detailed vulnerability details are currently availabl...
cPanel Input Validation Error Vulnerability (CNVD-2019-29015)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An authorization issue vulnerability exists in versions prior to cPanel 55.9999.141. The vulnerability stems from a lack of...
cPanel cross-site scripting vulnerability (CNVD-2019-29016)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in X3 Reseller Branding Images in versions prior to cPanel 55.9999.141. The...
cPanel path traversal vulnerability (CNVD-2019-29017)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker can exploit the vulnerability to execute...
cPanel Authorization Issues Vulnerability (CNVD-2019-28997)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker can exploit this vulnerability to bypass the...
cPanel Access Control Error Vulnerability (CNVD-2019-29007)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An access control error vulnerability exists in versions prior to cPanel 55.9999.141. The vulnerability stems from a network syst...
cPanel Authorization Issues Vulnerability (CNVD-2019-29619)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker could exploit the vulnerability to...
cPanel Authorization Issues Vulnerability (CNVD-2019-29612)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 55.9999.141. An attacker can exploit the vulnerability to perform...
Code injection
cPanel before 55.9999.141 allows daemons to access their controlling TTYs SEC-31...
CVE-2016-10835
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging SEC-107...
CVE-2016-10822
cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images SEC-88...
CVE-2016-10831
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account SEC-101...
CVE-2016-10832
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging SEC-102...
CVE-2016-10823
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation SEC-89...
CVE-2016-10831
CVE-2016-10831 affects cPanel before 55.9999.141. The issue is an authentication flaw where possessing another account does not trigger a two-factor authentication check (SEC-101). The vulnerability is described across multiple sources as an authorization/authentication issue in these versions. I...
CVE-2016-10836
CVE-2016-10836 affects cPanel prior to version 55.9999.141. The vulnerability allows arbitrary file-read operations during authentication with CalDAV. The issue is confirmed in multiple sources (NVD entry and Red Hat/CVE pages). Affected software: cPanel before 55.9999.141. Root cause: improper f...