23 matches found
CVE-2017-18404
cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD SEC-341...
CVE-2017-18394
cPanel before 68.0.15 does not have a sufficient list of reserved usernames SEC-327...
CVE-2017-18384
cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail SEC-310...
EUVD-2017-9499
Malware in sbrugna...
CVE-2017-18389
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin SEC-318...
cPanel Input Validation Error Vulnerability (CNVD-2019-29636)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15. No detailed vulnerability details are provided at this ti...
cPanel Input Validation Error Vulnerability (CNVD-2019-29604)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15, which stems from the program allowing user accounts to be...
cPanel Information Disclosure Vulnerability (CNVD-2019-29718)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An information disclosure vulnerability exists in versions of cPanel prior to 68.0.15. The vulnerability stems from a configurati...
cPanel path traversal vulnerability (CNVD-2019-30465)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A path traversal vulnerability exists in versions of cPanel prior to 68.0.15. The vulnerability stems from a failure of a network...
cPanel Privilege Permission and Access Control Issues Vulnerability (CNVD-2019-29608)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel versions prior to 68.0.15, which stems from the program writing backup files o...
cPanel Access Control Error Vulnerability (CNVD-2019-29607)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15. An attacker can exploit the vulnerability to...
cPanel Authorization Issues Vulnerability (CNVD-2019-29606)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. The security vulnerability in cPanel versions prior to 68.0.15 stems from the program assigning weak privileges for...
cPanel Injection Vulnerability (CNVD-2019-29634)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15. An attacker can exploit the vulnerability to execute...
cPanel path traversal vulnerability (CNVD-2019-30467)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A path traversal vulnerability exists in versions of cPanel prior to 68.0.15. The vulnerability stems from a failure of a network...
cPanel cross-site scripting vulnerability (CNVD-2019-30461)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 68.0.15. The vulnerability stems from a lack of proper...
CVE-2017-18389
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin SEC-318...
CVE-2017-18387
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload SEC-314...
Design/Logic Flaw
cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores SEC-311...
Format string
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin SEC-318...
Design/Logic Flaw
cPanel before 68.0.15 writes home-directory backups to an incorrect location SEC-309...