410 matches found
Design/Logic Flaw
cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer SEC-332...
CVE-2017-18399
CVE-2017-18399 affects cPanel prior to 68.0.15. The issue allows an attacker to read the root user’s crontab file during a short interval when enabling or disabling the sqloptimizer feature (SEC-332). Public references in the dataset confirm affected product/version and the disclosure, with no ex...
CVE-2018-20940
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups SEC-342...
CVE-2018-20942
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab SEC-351...
CVE-2018-20943
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task SEC-352...
CVE-2018-20927
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing SEC-382...
Design/Logic Flaw
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing SEC-382...
CVE-2018-20943
CVE-2018-20943 affects cPanel prior to 68.0.27 and allows read access to the root user’s crontab during a short interval after a post-update task (SEC-352). This is an information disclosure vulnerability with low severity per the provided metrics; no exploitation details or fix/version remediati...
CVE-2018-20942
CVE-2018-20942 affects cPanel before 68.0.27. It enables a local attacker to read root's crontab during a short interval while configuring crontab (SEC-351). The CNVD entry describes the root cause as improper handling of concurrent access to shared resources during crontab operation, indicating ...
CVE-2018-20940
CVE-2018-20940 affects cPanel prior to 68.0.27. The (local) vulnerability allows an attacker to read the root user’s crontab file for a brief window when backups are enabled. Exploitation details are not provided in the connected documents, and there is no explicit remediation or patch informatio...
CVE-2018-20927
CVE-2018-20927 (cPanel) affects cPanel prior to 70.0.23, where jailshell escape is possible due to incorrect crontab parsing (SEC-382). Exploitation is described as local (attack vector LOCAL) with LOW severity in CVSSv3 (3.8) and LOW in CVSSv2 (2.1). The root cause is mis-parsing of crontab entr...
CVE-2018-20902
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation SEC-408...