Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2016-10830 | Improper Access Control vulnerability in Cpanel cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). | 8.1 |
| 2019-08-01 | CVE-2018-20930 | Improper Access Control vulnerability in Cpanel cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401). | 6.5 |
| 2019-08-01 | CVE-2016-10838 | Improper Access Control vulnerability in Cpanel cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70). | 6.5 |
| 2019-08-01 | CVE-2016-10860 | Improper Access Control vulnerability in Cpanel cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66). | 8.1 |
| 2019-08-01 | CVE-2016-10857 | Improper Access Control vulnerability in Cpanel cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). | 6.5 |
| 2019-08-01 | CVE-2016-10856 | Improper Access Control vulnerability in Cpanel cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29). | 6.5 |
| 2019-08-01 | CVE-2016-10852 | Improper Access Control vulnerability in Cpanel cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85). | 6.5 |
| 2019-08-01 | CVE-2015-9291 | Improper Access Control vulnerability in Cpanel cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221). | 7.5 |
| 2019-08-01 | CVE-2018-20890 | Improper Access Control vulnerability in Cpanel cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). | 4.3 |
| 2019-07-30 | CVE-2019-10130 | Improper Access Control vulnerability in multiple products A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. | 4.3 |