5 matches found
CVE-2020-7914
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3...
CVE-2017-18405
CVE-2017-18405 affects cPanel before 68.0.15. The issue arises from the backup .htaccess modification logic (SEC-345) and enables arbitrary file-read operations. The vulnerability is locally exploitable with no user interaction required, and could lead to exposure of restricted files (confidentia...
CVE-2016-10815
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs SEC-120...
CVE-2016-10836
CVE-2016-10836 affects cPanel prior to version 55.9999.141. The vulnerability allows arbitrary file-read operations during authentication with CalDAV. The issue is confirmed in multiple sources (NVD entry and Red Hat/CVE pages). Affected software: cPanel before 55.9999.141. Root cause: improper f...
Design/Logic Flaw
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin SEC-466...