Filters

Cpanel CpanelIn cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).

3.3
First published (updated )

Cpanel CpanelcPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).

3.3
First published (updated )

Cpanel CpanelCVE-2016-10772

First published (updated )

Cpanel CpanelInput Validation

3.6
First published (updated )

Cpanel CpanelInfoleak

3.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelIn cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account ter…

3.3
First published (updated )

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelIn cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).

3.3
First published (updated )

Cpanel CpanelIn cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280).

2.5
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelIn cPanel before 66.0.2, domain log files become readable after log processing (SEC-273).

3.3
First published (updated )

Cpanel CpanelIn cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272…

3.3
First published (updated )

Cpanel CpanelcPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).

3.3
First published (updated )

Cpanel CpanelcPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mi…

2.5
First published (updated )

Cpanel CpanelcPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelInput Validation

2.1
First published (updated )

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310)…

3.8
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelRace Condition

3.3
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Cpanel CpanelcPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelcPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).

3.8
First published (updated )

Cpanel CpanelInput Validation

3.3
First published (updated )

Cpanel CpanelCode Injection

3.9
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Cpanel CpanelInput Validation

2.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelcPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (S…

3.3
First published (updated )

Cpanel CpanelInput Validation

3.3
First published (updated )

Cpanel CpanelIn cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478).

3.3
First published (updated )

Cpanel CpanelMaketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAP…

3.3
First published (updated )

Cpanel CpanelMaketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-…

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelcPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481).

3.3
First published (updated )

Cpanel CpanelAPI Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).

3.3
First published (updated )

Cpanel CpanelcPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).

3.3
First published (updated )

Cpanel CpanelcPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).

3.3
First published (updated )

Cpanel CpanelXSS

3.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelXSS

2.6
First published (updated )

Cpanel CpanelOpenwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME envir…

3.3
First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203