15 matches found
CVE-2017-18404
cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD SEC-341...
CVE-2017-18384
cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail SEC-310...
EUVD-2017-9499
Malware in sbrugna...
cPanel path traversal vulnerability (CNVD-2019-30467)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A path traversal vulnerability exists in versions of cPanel prior to 68.0.15. The vulnerability stems from a failure of a network...
cPanel Input Validation Error Vulnerability (CNVD-2019-29636)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15. No detailed vulnerability details are provided at this ti...
cPanel Access Control Error Vulnerability (CNVD-2019-29607)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15. An attacker can exploit the vulnerability to...
cPanel path traversal vulnerability (CNVD-2019-30465)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A path traversal vulnerability exists in versions of cPanel prior to 68.0.15. The vulnerability stems from a failure of a network...
cPanel Privilege Permission and Access Control Issues Vulnerability (CNVD-2019-29608)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel versions prior to 68.0.15, which stems from the program writing backup files o...
cPanel cross-site scripting vulnerability (CNVD-2019-30461)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 68.0.15. The vulnerability stems from a lack of proper...
CVE-2017-18389
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin SEC-318...
CVE-2017-18387
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload SEC-314...
Format string
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin SEC-318...
Design/Logic Flaw
cPanel before 68.0.15 writes home-directory backups to an incorrect location SEC-309...
Design/Logic Flaw
cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores SEC-311...
CVE-2017-18397
cPanel before 68.0.15 does not preserve permissions for local backup transport SEC-330...