14 matches found
EUVD-2016-1854
Malware in sbrugna...
EUVD-2018-13476
Malware in sbrugna...
CVE-2018-20938
cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls SEC-324...
CVE-2017-18480
cPanel before 62.0.4 does not enforce account ownership for hasmycnfforcpuser WHM API calls SEC-210...
CVE-2016-10860
cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API SEC-66...
CVE-2020-26113
cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces SEC-569...
CVE-2017-18480
cPanel before 62.0.4 does not enforce account ownership for hasmycnfforcpuser WHM API calls SEC-210...
Code injection
cPanel before 62.0.4 does not enforce account ownership for hasmycnfforcpuser WHM API calls SEC-210...
CVE-2017-18480
CVE-2017-18480 affects cPanel/WHM: prior to 62.0.4, has_mycnf_for_cpuser API calls do not enforce account ownership, per SEC-210. Root cause is missing ownership checks in those WHM API calls. Impact as stated: potential exposure of sensitive configuration data via API calls; CVSS v3 vector indic...
CVE-2017-18480
cPanel before 62.0.4 does not enforce account ownership for hasmycnfforcpuser WHM API calls SEC-210...
CVE-2016-10860
cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API SEC-66...
Design/Logic Flaw
cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API SEC-66...
CVE-2016-10860
CVE-2016-10860 affects cPanel before 11.54.0.0 and is documented as allowing unauthorized zone modification through the WHM API (SEC-66). The vulnerability is corroborated across multiple sources in the connected documents (NVD entry and Red Hat advisory), which state the same affected software a...
CVE-2016-10860
cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API SEC-66...