Search Results

There are 436 CVE Records that match your search.
Name Description
CVE-2023-29489 An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
CVE-2022-48623 The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
CVE-2022-47532 FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users&section=cpanel&page=list request.
CVE-2021-38590 In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
CVE-2021-38589 In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588).
CVE-2021-38588 In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587).
CVE-2021-38587 In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).
CVE-2021-38586 In cPanel before 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
CVE-2021-38585 The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585).
CVE-2021-38584 The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585).
CVE-2021-31803 cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581).
CVE-2021-26267 cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
CVE-2021-26266 cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
CVE-2020-29472 EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
CVE-2020-29137 cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577).
CVE-2020-29136 In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
CVE-2020-29135 cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567).
CVE-2020-26115 cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574).
CVE-2020-26114 cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573).
CVE-2020-26113 cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569).
CVE-2020-26112 The email quota cache in cPanel before 90.0.10 allows overwriting of files.
CVE-2020-26111 cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566).
CVE-2020-26110 cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564).
CVE-2020-26109 cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557).
CVE-2020-26108 cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
CVE-2020-26107 cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
CVE-2020-26106 cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).
CVE-2020-26105 In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
CVE-2020-26104 In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).
CVE-2020-26103 In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
CVE-2020-26102 In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).
CVE-2020-26101 In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
CVE-2020-26100 chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).
CVE-2020-26099 cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).
CVE-2020-26098 cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
CVE-2020-12785 cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature (SEC-540).
CVE-2020-12784 cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings (SEC-505).
CVE-2020-10122 cPanel before 84.0.20 allows a webmail or demo account to delete arbitrary files (SEC-547).
CVE-2020-10121 cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).
CVE-2020-10120 cPanel before 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545).
CVE-2020-10119 cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
CVE-2020-10118 cPanel before 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
CVE-2020-10117 cPanel before 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
CVE-2020-10116 cPanel before 84.0.20 allows attackers to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
CVE-2020-10115 cPanel before 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).
CVE-2020-10114 cPanel before 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535).
CVE-2020-10113 cPanel before 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).
CVE-2019-20498 cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
CVE-2019-20497 cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).
CVE-2019-20496 cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532).
CVE-2019-20495 cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531).
CVE-2019-20494 In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
CVE-2019-20493 cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).
CVE-2019-20492 cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516).
CVE-2019-20491 cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508).
CVE-2019-20490 cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).
CVE-2019-17380 cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528).
CVE-2019-17379 cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527).
CVE-2019-17378 cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface (SEC-526).
CVE-2019-17377 cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC-524).
CVE-2019-17376 cPanel before 82.0.15 allows self XSS in the SSL Certificate Upload interface (SEC-521).
CVE-2019-17375 cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or terminated (SEC-517).
CVE-2019-14414 In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478).
CVE-2019-14413 cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476).
CVE-2019-14412 Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).
CVE-2019-14411 cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473).
CVE-2019-14410 Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
CVE-2019-14409 cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
CVE-2019-14408 cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460).
CVE-2019-14407 cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415).
CVE-2019-14406 cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493).
CVE-2019-14405 cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487).
CVE-2019-14404 cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
CVE-2019-14403 cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483).
CVE-2019-14402 cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481).
CVE-2019-14401 cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480).
CVE-2019-14400 cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479).
CVE-2019-14399 The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477).
CVE-2019-14398 cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498).
CVE-2019-14397 cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496).
CVE-2019-14396 API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).
CVE-2019-14395 cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
CVE-2019-14394 cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
CVE-2019-14393 cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486).
CVE-2019-14392 cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501).
CVE-2019-14391 cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
CVE-2019-14390 cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512).
CVE-2019-14389 cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510).
CVE-2019-14388 cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
CVE-2019-14387 cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506).
CVE-2019-14386 cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504).
CVE-2018-7735 Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata&section=cpanel&page=list_filetypes request.
CVE-2018-7734 Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users&section=cpanel&page=list request.
CVE-2018-20953 cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
CVE-2018-20952 cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
CVE-2018-20951 cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).
CVE-2018-20950 cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).
CVE-2018-20949 cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).
CVE-2018-20948 cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).
CVE-2018-20947 cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
CVE-2018-20946 cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
CVE-2018-20945 bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
CVE-2018-20944 cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
CVE-2018-20943 cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352).
CVE-2018-20942 cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).
CVE-2018-20941 cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).
CVE-2018-20940 cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
CVE-2018-20939 cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).
CVE-2018-20938 cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
CVE-2018-20937 cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).
CVE-2018-20936 cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).
CVE-2018-20935 cPanel before 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412).
CVE-2018-20934 cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411).
CVE-2018-20933 cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action (SEC-410).
CVE-2018-20932 cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
CVE-2018-20931 cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405).
CVE-2018-20930 cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401).
CVE-2018-20929 cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392).
CVE-2018-20928 cPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391).
CVE-2018-20927 cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).
CVE-2018-20926 cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).
CVE-2018-20925 cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).
CVE-2018-20924 cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
CVE-2018-20923 cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377).
CVE-2018-20922 cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).
CVE-2018-20921 cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).
CVE-2018-20920 cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374).
CVE-2018-20919 cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373).
CVE-2018-20918 cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372).
CVE-2018-20917 cPanel before 70.0.23 allows any user to disable Solr (SEC-371).
CVE-2018-20916 cPanel before 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370).
CVE-2018-20915 cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369).
CVE-2018-20914 In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368).
CVE-2018-20913 cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364).
CVE-2018-20912 cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362).
CVE-2018-20911 cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup (SEC-359).
CVE-2018-20910 cPanel before 70.0.23 allows self XSS in the WHM cPAddons showsecurity Interface (SEC-357).
CVE-2018-20909 cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338).
CVE-2018-20908 cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435).
CVE-2018-20907 cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432).
CVE-2018-20906 cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430).
CVE-2018-20905 cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429).
CVE-2018-20904 cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427).
CVE-2018-20903 cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface (SEC-421).
CVE-2018-20902 cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408).
CVE-2018-20901 cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface (SEC-400).
CVE-2018-20900 cPanel before 71.9980.37 allows stored XSS in the YUM autorepair functionality (SEC-399).
CVE-2018-20899 cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398).
CVE-2018-20898 cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396).
CVE-2018-20897 cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395).
CVE-2018-20896 cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
CVE-2018-20895 In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393).
CVE-2018-20894 cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).
CVE-2018-20893 cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442).
CVE-2018-20892 cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439).
CVE-2018-20891 cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).
CVE-2018-20890 cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426).
CVE-2018-20889 cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425).
CVE-2018-20888 cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).
CVE-2018-20887 cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).
CVE-2018-20886 cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).
CVE-2018-20885 cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).
CVE-2018-20884 cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367).
CVE-2018-20883 cPanel before 74.0.8 allows FTP access during account suspension (SEC-449).
CVE-2018-20882 cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447).
CVE-2018-20881 cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446).
CVE-2018-20880 cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).
CVE-2018-20879 cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444).
CVE-2018-20878 cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441).
CVE-2018-20877 cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437).
CVE-2018-20876 cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).
CVE-2018-20875 cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433).
CVE-2018-20874 cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).
CVE-2018-20873 cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
CVE-2018-20870 The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467).
CVE-2018-20869 cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
CVE-2018-20868 cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464).
CVE-2018-20867 cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462).
CVE-2018-20866 cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461).
CVE-2018-20865 cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459).
CVE-2018-20864 cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454).
CVE-2018-20863 cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452).
CVE-2018-20862 cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
CVE-2018-16236 cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
CVE-2017-18482 cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
CVE-2017-18481 cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).
CVE-2017-18480 cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
CVE-2017-18479 In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).
CVE-2017-18478 In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
CVE-2017-18477 In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).
CVE-2017-18476 Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205).
CVE-2017-18475 In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
CVE-2017-18474 cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).
CVE-2017-18473 cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199).
CVE-2017-18472 cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198).
CVE-2017-18471 cPanel before 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).
CVE-2017-18470 cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).
CVE-2017-18469 cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233).
CVE-2017-18468 cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232).
CVE-2017-18467 cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229).
CVE-2017-18466 cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228).
CVE-2017-18465 cPanel before 62.0.17 does not have a sufficient list of reserved usernames (SEC-227).
CVE-2017-18464 cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226).
CVE-2017-18463 cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225).
CVE-2017-18462 cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224).
CVE-2017-18461 cPanel before 62.0.17 allows does not preserve security policy questions across an account rename (SEC-223).
CVE-2017-18460 cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221).
CVE-2017-18459 cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220).
CVE-2017-18458 cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219).
CVE-2017-18457 cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218).
CVE-2017-18456 cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217).
CVE-2017-18455 In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208).
CVE-2017-18454 cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262).
CVE-2017-18453 cPanel before 64.0.21 does not preserve supplemental groups across account renames (SEC-260).
CVE-2017-18452 cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259).
CVE-2017-18451 cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257).
CVE-2017-18450 cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255).
CVE-2017-18449 cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).
CVE-2017-18448 cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252).
CVE-2017-18447 cPanel before 64.0.21 allows demo accounts to execute code via the ClamScanner_getsocket API (SEC-251).
CVE-2017-18446 cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250).
CVE-2017-18445 cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249).
CVE-2017-18444 cPanel before 64.0.21 allows demo accounts to execute SSH API commands (SEC-248).
CVE-2017-18443 cPanel before 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247).
CVE-2017-18442 cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246).
CVE-2017-18441 cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245).
CVE-2017-18440 cPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244).
CVE-2017-18439 cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243).
CVE-2017-18438 cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242).
CVE-2017-18437 cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240).
CVE-2017-18436 cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239).
CVE-2017-18435 cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238).
CVE-2017-18434 cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237).
CVE-2017-18433 cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236).
CVE-2017-18432 In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).
CVE-2017-18431 cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941).
CVE-2017-18430 In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).
CVE-2017-18429 In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).
CVE-2017-18428 In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).
CVE-2017-18427 In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).
CVE-2017-18426 cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288).
CVE-2017-18425 In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280).
CVE-2017-18424 In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274).
CVE-2017-18423 In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273).
CVE-2017-18422 In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272).
CVE-2017-18421 cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).
CVE-2017-18420 cPanel before 66.0.2 allows stored XSS during WHM cPAddons processing (SEC-269).
CVE-2017-18419 cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266).
CVE-2017-18418 cPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations (SEC-265).
CVE-2017-18417 cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263).
CVE-2017-18416 cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303).
CVE-2017-18415 cPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302).
CVE-2017-18414 cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).
CVE-2017-18413 In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299).
CVE-2017-18412 cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296).
CVE-2017-18411 The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285).
CVE-2017-18410 In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server (SEC-284).
CVE-2017-18409 In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283).
CVE-2017-18408 cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282).
CVE-2017-18407 cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279).
CVE-2017-18406 cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276).
CVE-2017-18405 cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345).
CVE-2017-18404 cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341).
CVE-2017-18403 cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337).
CVE-2017-18402 cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336).
CVE-2017-18401 cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334).
CVE-2017-18400 cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333).
CVE-2017-18399 cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332).
CVE-2017-18398 DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331).
CVE-2017-18397 cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).
CVE-2017-18396 cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).
CVE-2017-18395 cPanel before 68.0.15 does not block a username of ssl (SEC-328).
CVE-2017-18394 cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327).
CVE-2017-18393 cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).
CVE-2017-18392 cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325).
CVE-2017-18391 cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323).
CVE-2017-18390 cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322).
CVE-2017-18389 cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).
CVE-2017-18388 cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315).
CVE-2017-18387 cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314).
CVE-2017-18386 cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).
CVE-2017-18385 cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).
CVE-2017-18384 cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310).
CVE-2017-18383 cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
CVE-2017-18382 cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).
CVE-2017-11441 The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297.
CVE-2016-10860 cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).
CVE-2016-10859 cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).
CVE-2016-10858 cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
CVE-2016-10857 cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).
CVE-2016-10856 cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).
CVE-2016-10855 cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
CVE-2016-10854 cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87).
CVE-2016-10853 cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86).
CVE-2016-10852 cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).
CVE-2016-10851 cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84).
CVE-2016-10850 cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83).
CVE-2016-10849 cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).
CVE-2016-10848 cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
CVE-2016-10847 cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80).
CVE-2016-10846 cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79).
CVE-2016-10845 cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).
CVE-2016-10844 The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).
CVE-2016-10843 cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76).
CVE-2016-10842 cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
CVE-2016-10841 The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73).
CVE-2016-10840 cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
CVE-2016-10839 cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).
CVE-2016-10838 cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70).
CVE-2016-10837 cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
CVE-2016-10836 cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).
CVE-2016-10835 cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
CVE-2016-10834 cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).
CVE-2016-10833 cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
CVE-2016-10832 cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
CVE-2016-10831 cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
CVE-2016-10830 cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).
CVE-2016-10829 cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).
CVE-2016-10828 cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).
CVE-2016-10827 cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).
CVE-2016-10826 cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
CVE-2016-10825 cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92).
CVE-2016-10824 cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
CVE-2016-10823 cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).
CVE-2016-10822 cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).
CVE-2016-10821 In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75).
CVE-2016-10820 cPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31).
CVE-2016-10819 In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
CVE-2016-10818 cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124).
CVE-2016-10817 cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
CVE-2016-10816 cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121).
CVE-2016-10815 cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).
CVE-2016-10814 cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).
CVE-2016-10813 cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).
CVE-2016-10812 In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117).
CVE-2016-10811 In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116).
CVE-2016-10810 In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115).
CVE-2016-10809 In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114).
CVE-2016-10808 In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113).
CVE-2016-10807 cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112).
CVE-2016-10806 cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110).
CVE-2016-10805 cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109).
CVE-2016-10804 The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58).
CVE-2016-10803 cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).
CVE-2016-10802 cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142).
CVE-2016-10801 cPanel before 58.0.4 has improper session handling for shared users (SEC-139).
CVE-2016-10800 cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138).
CVE-2016-10799 cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).
CVE-2016-10798 cPanel before 58.0.4 allows a file-ownership change (to nobody) via rearrangeacct (SEC-134).
CVE-2016-10797 cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains (SEC-133).
CVE-2016-10796 cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).
CVE-2016-10795 cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156).
CVE-2016-10794 cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154).
CVE-2016-10793 cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152).
CVE-2016-10792 cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).
CVE-2016-10791 cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559).
CVE-2016-10790 cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192).
CVE-2016-10789 cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).
CVE-2016-10788 cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188).
CVE-2016-10787 The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187).
CVE-2016-10786 cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186).
CVE-2016-10785 cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185).
CVE-2016-10784 cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184).
CVE-2016-10783 cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182).
CVE-2016-10782 cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).
CVE-2016-10781 cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).
CVE-2016-10780 cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).
CVE-2016-10779 cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179).
CVE-2016-10778 cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
CVE-2016-10777 cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).
CVE-2016-10776 cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
CVE-2016-10775 cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173).
CVE-2016-10774 cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172).
CVE-2016-10773 cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).
CVE-2016-10772 cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).
CVE-2016-10771 cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165).
CVE-2016-10770 cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164).
CVE-2016-10769 cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).
CVE-2016-10768 cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).
CVE-2016-10767 cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
CVE-2015-9291 cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
CVE-2015-2845 The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.
CVE-2015-2844 The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.
CVE-2012-6449 The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability.
CVE-2012-6448 Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4823 Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter.
CVE-2009-2275 Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.
CVE-2009-2168 cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters.
CVE-2009-2167 Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.
CVE-2008-7142 Absolute path traversal vulnerability in the Disk Usage module (frontend/x/diskusage/index.html) in cPanel 11.18.3 allows remote attackers to list arbitrary directories via the showtree parameter.
CVE-2008-6927 Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (5) thispage, (6) thisapp, and (7) currentversion parameters in an Upgrade action.
CVE-2008-6926 Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory.
CVE-2008-6843 Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.
CVE-2008-4181 Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absolute pathname in the fantasticopath parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
CVE-2008-2478 ** DISPUTED ** scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel."
CVE-2008-2071 Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.
CVE-2008-2070 The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter to scripts2/knowlegebase, (2) user parameter to scripts2/changeip, (3) search parameter to scripts2/listaccts, and other unspecified vectors.
CVE-2008-2043 Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3) frontend/x2/sql/adduser.html, and (4) frontend/x2/ftp/doaddftp.html.
CVE-2008-1499 Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2008-0370 Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel before 11.17 build 19417 allows remote attackers to inject arbitrary web script or HTML via the rurl parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-4022 Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote attackers to inject arbitrary web script or HTML via the resname parameter.
CVE-2007-3367 Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3366 Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1455 Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
CVE-2007-0890 Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
CVE-2007-0854 Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager (WHM) allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used to overwrite files in /var/cpanel/objcache or provide unexpected web page contents.
CVE-2006-6566 PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
CVE-2006-6548 Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to (1) scripts2/changeemail, (2) scripts2/limitbw, or (3) scripts/rearrangeacct. NOTE: the feature parameter to scripts2/dofeaturemanager is already covered by CVE-2006-6198.
CVE-2006-6523 Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote attackers to inject arbitrary web script or HTML via the account parameter.
CVE-2006-6198 Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter to (b) cgi/addon_configsupport.cgi, the (3) pkg parameter to (c) scripts/editpkg, the (4) domain parameter to (d) scripts2/domts2 and (e) scripts/editzone, the (5) feature parameter to (g) scripts2/dofeaturemanager, and the (6) ndomain parameter to (h) scripts/park.
CVE-2006-5883 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.
CVE-2006-5535 Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate.
CVE-2006-5014 Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
CVE-2006-4293 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html, or the (2) file parameter in (a) editit.html or (b) showfile.html.
CVE-2006-3337 Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 118 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.
CVE-2006-2825 cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main server URL (such as ~username) that is blocked by the user's own open_basedir directive, but not the main server's open_basedir directive.
CVE-2006-1119 fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.
CVE-2006-0763 Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via a URL encoded value in the fwd parameter.
CVE-2006-0574 Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel 10 allows remote attackers to inject arbitrary web script or HTML via the (1) file extension or (2) mime-type.
CVE-2006-0573 Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodelpop.html; (2) showtree parameter to (c) diskusage.html; or the (3) mon, (4) year, (5) target, or (6) domain parameter to (d) stats/detailbw.html.
CVE-2006-0533 Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter.
CVE-2005-3505 Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processed by Internet Explorer.
CVE-2005-2021 Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page.
CVE-2004-2398 Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
CVE-2004-2308 Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html.
CVE-2004-1875 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) account parameter to ignorelist.html, (5) account parameter to showlog.html, (6) db parameter to repairdb.html, (7) login parameter to doaddftp.html (8) account parameter to editmsg.htm, or (9) ip parameter to del.html. NOTE: the dnslook.html vector was later reported to exist in cPanel 10.
CVE-2004-1849 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.
CVE-2004-1770 The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.
CVE-2004-1769 The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.
CVE-2004-1604 cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
CVE-2004-1603 cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.
CVE-2004-0529 The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
CVE-2004-0490 cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
CVE-2003-1426 Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.
CVE-2003-1425 guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.
CVE-2003-0521 Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.
Back to top
  
You can also search by reference using the CVE Reference Maps.
For More Information:  CVE Request Web Form (select “Other” from dropdown)