Filters

Cpanel CpanelIn cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disapp…

7.8
First published (updated )

Cpanel CpanelcPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mi…

2.5
First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelXSS

First published (updated )

Cpanel CpanelcPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement downl…

First published (updated )

Cpanel CpanelSQL Injection

7.5
First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341).

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelcPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archive…

First published (updated )

Cpanel CpanelXSS

First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelCommand Injection

7.8
First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelcPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).

3.3
First published (updated )

Cpanel CpanelInfoleak

First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelInput Validation

2.1
First published (updated )

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows code execution in the context of the root account because of weak permi…

7.8
First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelInput Validation

7.8
First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upl…

First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-3…

First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows unprivileged users to access restricted directories during account rest…

First published (updated )

Cpanel CpanelcPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310)…

3.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelcPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).

7.8
First published (updated )

Cpanel CpanelInput Validation

First published (updated )

Cpanel CpanelXSS

First published (updated )

Cpanel CpanelInfoleak

First published (updated )

Cpanel CpanelXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelXSS

First published (updated )

Cpanel CpanelXSS

First published (updated )

Cpanel CpanelXSS

First published (updated )

Cpanel CpanelcPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).

First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel Cpanelbin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).

7.9
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelInfoleak

2.5
First published (updated )

Cpanel CpanelInfoleak

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Cpanel CpanelRace Condition

3.3
First published (updated )

Cpanel CpanelInfoleak

3.3
First published (updated )

Cpanel CpanelcPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-3…

First published (updated )

Cpanel CpanelcPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).

First published (updated )

Cpanel CpanelcPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).

3.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203