Cpanel Security Vulnerabilities

CVE-2016-10822

cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).

CVE-2016-10823

cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).

CVE-2016-10824

cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).

CVE-2016-10825

cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92).

CVE-2016-10826

cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).

CVE-2016-10827

cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).

CVE-2016-10828

cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).

CVE-2016-10829

cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).

CVE-2016-10830

cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).

CVE-2016-10831

cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).

CVE-2016-10832

cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).

CVE-2016-10833

cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).

CVE-2016-10834

cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).

CVE-2016-10835

cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).

CVE-2016-10836

cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).

CVE-2016-10837

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).

CVE-2016-10838

cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70).

CVE-2016-10839

cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).

CVE-2016-10840

cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).

CVE-2016-10841

The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73).

CVE-2016-10842

cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).

CVE-2016-10843

cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76).

CVE-2016-10844

The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).

CVE-2016-10845

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).

CVE-2016-10846

cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79).

CVE-2016-10847

cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80).

CVE-2016-10848

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).

CVE-2016-10849

cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).

CVE-2016-10850

cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83).

CVE-2016-10851

cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84).

CVE-2016-10852

cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).

CVE-2016-10853

cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86).

CVE-2016-10854

cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87).

CVE-2016-10855

cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).

CVE-2016-10856

cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).

CVE-2016-10857

cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).

CVE-2016-10858

cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).

CVE-2016-10859

cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).

CVE-2016-10860

cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).

CVE-2017-11441

The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297.

CVE-2017-18382

cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).

CVE-2017-18383

cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).

CVE-2017-18384

cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310).

CVE-2017-18385

cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).

CVE-2017-18386

cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).

CVE-2017-18387

cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314).

CVE-2017-18388

cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315).

CVE-2017-18389

cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).

CVE-2017-18390

cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322).

CVE-2017-18391

cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323).