Cpanel CpanelcPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).
Cpanel CpanelcPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list ar…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).
Cpanel CpanelcPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
Cpanel CpanelcPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).
Cpanel CpanelcPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (S…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processi…
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable …
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxp…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelThe bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73).
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
Cpanel CpanelcPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (S…
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).
Cpanel CpanelcPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).
Cpanel CpanelcPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).
Cpanel CpanelcPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.