Vulnerabilities > Cpanel > Cpanel > 11.50.4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-01 | CVE-2016-10829 | Files or Directories Accessible to External Parties vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99). | 6.8 |
2019-08-01 | CVE-2016-10828 | Path Traversal vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | 9.0 |
2019-08-01 | CVE-2016-10827 | Cross-site Scripting vulnerability in Cpanel cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). | 3.5 |
2019-08-01 | CVE-2016-10825 | Improperly Implemented Security Check for Standard vulnerability in Cpanel cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92). | 5.5 |
2019-08-01 | CVE-2016-10824 | Improper Input Validation vulnerability in Cpanel cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). | 9.3 |
2019-08-01 | CVE-2016-10823 | Improper Input Validation vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | 9.0 |
2019-08-01 | CVE-2016-10822 | Cross-site Scripting vulnerability in Cpanel cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88). | 3.5 |
2019-08-01 | CVE-2016-10836 | Improper Authentication vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108). | 4.0 |
2019-08-01 | CVE-2018-20923 | Cross-site Scripting vulnerability in Cpanel cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377). | 4.3 |
2019-08-01 | CVE-2018-20922 | Cross-site Scripting vulnerability in Cpanel cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376). | 4.3 |