EUVD-2019-5620

Malware in sbrugna...

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

UBUNTU-CVE-2020-15648

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

openSUSE Security Update : MozillaFirefox (openSUSE-2020-1034)

This update for MozillaFirefox fixes the following issues : - Mozilla Firefox 78.0.2 MFSA 2020-28 bsc1173948 - MFSA-2020-0003 bmo1644076 X-Frame-Options bypass using object or embed tags - Firefox Extended Support Release 78.0.2esr ESR - Fixed: Security fix - Fixed: Fixed an accessibility...

cPanel Input Validation Error Vulnerability

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from a web-based...

cPanel Input Validation Error Vulnerability (CNVD-2019-26370)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from a web-based...

cPanel Input Validation Error Vulnerability (CNVD-2019-26371)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from a web-based...

cPanel Information Disclosure Vulnerability

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. An information disclosure vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from an...

cPanel Information Disclosure Vulnerability (CNVD-2019-25326)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An information disclosure vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from an error in th...

CVE-2019-14411

cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI SEC-473...

CVE-2019-14407

cPanel before 78.0.2 reveals internal data to OpenID providers SEC-415...

CVE-2019-14408

cPanel before 78.0.2 allows a demo account to link with an OpenID provider SEC-460...

Design/Logic Flaw

cPanel before 78.0.2 reveals internal data to OpenID providers SEC-415...

Design/Logic Flaw

cPanel before 78.0.2 allows a demo account to link with an OpenID provider SEC-460...

Design/Logic Flaw

cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI SEC-473...

CVE-2019-14414

CVE-2019-14414 affects cPanel before 78.0.2, where a Userdata cache temporary file can conflict with domains (SEC-478). The vulnerability concerns the Userdata cache handling and is documented with a Low severity (CVSSv2/3: low, local access, partial integrity impact). Exploitation details are no...