CVE-2019-14386

cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface SEC-504...

CVE-2019-14387

cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates SEC-506...

cPanel Permission License and Access Control Issues Vulnerability (CNVD-2019-29617)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A vulnerability exists in cPanel prior to version 82.0.2 for privilege permission and access control issues. The vulnerability...

cPanel Information Disclosure Vulnerability (CNVD-2019-25330)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An information disclosure vulnerability exists in cPanel versions prior to 82.0.2. A local attacker can exploit this vulnerabilit...

cPanel cross-site scripting vulnerability (CNVD-2019-26366)

cPanel is a set of the most prestigious commercial software in the web hosting industry, which is based on Linux and BSD system, developed in PHP and closed-source software in nature, providing powerful and quite complete hosting management functions. A stored cross-site scripting vulnerability...

CVE-2019-14387

CVE-2019-14387 affects cPanel before 82.0.2, with a Self XSS vulnerability in the cPanel and webmail master templates (SEC-506). Root cause is client-side script execution via crafted input in template code. Impact, per CVSS data, is MEDIUM: network access with exploitation requiring user interac...