Cpanel CpanelIn cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account ter…
Cpanel CpanelIn cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelIn cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disapp…
Cpanel CpanelcPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mi…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement downl…
Cpanel CpanelcPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archive…
Cpanel CpanelcPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 allows code execution in the context of the root account because of weak permi…
Cpanel CpanelcPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upl…
Cpanel CpanelcPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-3…
Cpanel CpanelcPanel before 68.0.15 allows unprivileged users to access restricted directories during account rest…
Cpanel CpanelcPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310)…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel Cpanelbin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.