Total
418 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18383 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
|
|||||
| CVE-2017-18382 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
|
cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).
|
|||||
| CVE-2016-10860 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).
|
|||||
| CVE-2016-10859 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).
|
|||||
| CVE-2016-10858 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
|
cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
|
|||||
| CVE-2016-10857 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).
|
|||||
| CVE-2016-10856 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).
|
|||||
| CVE-2016-10855 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
|
|||||
| CVE-2016-10854 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87).
|
|||||
| CVE-2016-10853 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86).
|
|||||
| CVE-2016-10852 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).
|
|||||
| CVE-2016-10851 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84).
|
|||||
| CVE-2016-10850 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83).
|
|||||
| CVE-2016-10849 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).
|
|||||
| CVE-2016-10848 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
|
|||||
| CVE-2016-10847 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80).
|
|||||
| CVE-2016-10846 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 8.5 HIGH | 8.1 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79).
|
|||||
| CVE-2016-10845 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).
|
|||||
| CVE-2016-10844 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).
|
|||||
| CVE-2016-10843 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76).
|
|||||
| CVE-2016-10842 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
|
|||||
| CVE-2016-10841 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 2.1 LOW | 5.3 MEDIUM |
|
The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73).
|
|||||
| CVE-2016-10840 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
|
|||||
| CVE-2016-10839 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).
|
|||||
| CVE-2016-10838 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
|
cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70).
|
|||||
| CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 8.5 HIGH | 7.5 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
|
|||||
| CVE-2016-10836 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).
|
|||||
| CVE-2016-10835 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
|
|||||
| CVE-2016-10834 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).
|
|||||
| CVE-2016-10833 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
|
|||||
| CVE-2016-10832 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
|
|||||
| CVE-2016-10831 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
|
|||||
| CVE-2016-10830 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).
|
|||||
| CVE-2016-10829 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
|
cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).
|
|||||
| CVE-2016-10828 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).
|
|||||
| CVE-2016-10827 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).
|
|||||
| CVE-2016-10826 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
|
|||||
| CVE-2016-10825 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92).
|
|||||
| CVE-2016-10824 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
|
cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
|
|||||
| CVE-2016-10823 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).
|
|||||