Lucene search
K

56 matches found

Cvelist
Cvelist
added 2019/08/02 1:7 p.m.31 views

CVE-2017-18397

cPanel before 68.0.15 does not preserve permissions for local backup transport SEC-330...

4AI score0.00362EPSS
Exploits0References1
Prion
Prion
added 2019/08/01 5:15 p.m.16 views

Authentication flaw

cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration SEC-383...

4.3CVSS6AI score0.00647EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/08/01 4:15 p.m.21 views

CVE-2018-20925

cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface SEC-379...

6.7CVSS6.7AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 4:15 p.m.3 views

CVE-2016-10846

cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions SEC-79...

8.1CVSS5.9AI score0.01325EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 3:15 p.m.4 views

CVE-2018-20917

cPanel before 70.0.23 allows any user to disable Solr SEC-371...

5.5CVSS5.8AI score0.00343EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 3:15 p.m.3 views

CVE-2018-20922

cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action SEC-376...

6.1CVSS5.8AI score0.00647EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 3:15 p.m.2 views

CVE-2018-20904

cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction SEC-427...

4.3CVSS5.8AI score0.0062EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 3:15 p.m.2 views

CVE-2018-20901

cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface SEC-400...

6.1CVSS5.8AI score0.00647EPSS
Exploits0References1
Prion
Prion
added 2019/08/01 3:15 p.m.16 views

Command injection

cPanel before 70.0.23 allows demo accounts to execute code via awstats SEC-362...

6.5CVSS6.6AI score0.01014EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/01 2:51 p.m.19 views

CVE-2018-20922

cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action SEC-376...

6AI score0.00647EPSS
Exploits0References1
Prion
Prion
added 2019/08/01 1:15 p.m.14 views

Code injection

cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API SEC-444...

6.5CVSS6.8AI score0.00992EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/08/01 1:15 p.m.17 views

Cross site scripting

cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface SEC-434...

3.5CVSS5.2AI score0.00519EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/01 1:5 p.m.20 views

CVE-2018-20889

cPanel before 74.0.0 allows certain file-read operations via password file caching SEC-425...

5AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2019/07/30 1:15 p.m.2 views

CVE-2019-14390

cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface SEC-512...

5.4CVSS6AI score
Exploits0References1
Packet Storm
Packet Storm
added 2006/12/08 12:0 a.m.24 views

aria-cpanel.txt

Aria-Security Team Advisory Original Advisory: http://www.aria-security.com/forum/showthread.php?t=68 ----------------------------------------------------------- Vulnerability: cPanel Version 11 Pops.Html Cross-Site Scripting PoC: http://target:2082/mail/pops.html?domain=XSS Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/13 12:0 a.m.21 views

cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
Rows per page
Query Builder