Vulnerabilities > Cpanel > Cpanel > 11.18.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-04-27 | CVE-2009-4823 | Cross-Site Scripting vulnerability in Cpanel Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter. | 4.3 |
| 2009-09-01 | CVE-2008-7142 | Path Traversal vulnerability in Cpanel 11.18.3 Absolute path traversal vulnerability in the Disk Usage module (frontend/x/diskusage/index.html) in cPanel 11.18.3 allows remote attackers to list arbitrary directories via the showtree parameter. | 5.0 |
| 2009-07-02 | CVE-2008-6843 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2008-05-01 | CVE-2008-2043 | Cross-Site Request Forgery (CSRF) vulnerability in Cpanel 11.18.3/11.19.3 Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3) frontend/x2/sql/adduser.html, and (4) frontend/x2/ftp/doaddftp.html. | 4.3 |
| 2008-03-25 | CVE-2008-1499 | Cross-Site Scripting vulnerability in Cpanel 11.18.3/11.21 Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |