8 matches found
EUVD-2026-28810
Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...
CVE-2026-29201
Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...
CVE-2026-29201
Insufficient input validation in the feature::LOADFEATUREFILE AdminBin call in cPanel/WHM can lead to arbitrary file read when a relative file path is supplied. Affected product/version scope includes cPanel/WHM prior to versions listed as fixed in PT-2026-38673 (and WP Squared) such as 11.136.0....
CVE-2026-29201
Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...
CVE-2017-18434
cPanel before 64.0.21 allows code execution in the context of the root account via a SETVHOSTLANGPACKAGE multilang adminbin call SEC-237...
EUVD-2017-9550
Malware in sbrugna...
Code injection
cPanel before 64.0.21 allows code execution in the context of the root account via a SETVHOSTLANGPACKAGE multilang adminbin call SEC-237...
CVE-2017-18434
cPanel before 64.0.21 allows code execution in the context of the root account via a SETVHOSTLANGPACKAGE multilang adminbin call SEC-237...