11 matches found
CVE-2021-26266
cPanel before 92.0.9 allows a Reseller to bypass the suspension lock SEC-578...
CVE-2021-26267
cPanel before 92.0.9 allows a MySQL user who has an old-style password hash to bypass suspension SEC-579...
CVE-2020-29136
In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach SEC-575...
CVE-2020-26099
cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism SEC-491...
CVE-2016-10826
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests SEC-93...
Authentication flaw
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests SEC-93...
CVE-2016-10825
cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents SEC-92...
CVE-2016-10832
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging SEC-102...
CVE-2016-10834
cPanel before 55.9999.141 allows account-suspension bypass via ftp SEC-105...
CVE-2018-20906
cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction SEC-430...
CVE-2016-10857
cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit SEC-60...