Vulnerabilities > Cpanel > Cpanel > 59.9999.63

DATE CVE VULNERABILITY TITLE RISK
2019-08-02 CVE-2017-18409 Improper Input Validation vulnerability in Cpanel
In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283).
network
low complexity
cpanel CWE-20
4.0
4.0
2019-08-02 CVE-2017-18408 Cross-site Scripting vulnerability in Cpanel
cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282).
network
cpanel CWE-79
3.5
3.5
2019-08-02 CVE-2017-18407 Improper Verification of Cryptographic Signature vulnerability in Cpanel
cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279).
network
cpanel CWE-347
5.8
5.8
2019-08-01 CVE-2018-20923 Cross-site Scripting vulnerability in Cpanel
cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377).
network
cpanel CWE-79
4.3
4.3
2019-08-01 CVE-2018-20922 Cross-site Scripting vulnerability in Cpanel
cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).
network
cpanel CWE-79
4.3
4.3
2019-08-01 CVE-2018-20921 Cross-site Scripting vulnerability in Cpanel
cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).
network
cpanel CWE-79
4.3
4.3
2019-08-01 CVE-2018-20920 Cross-site Scripting vulnerability in Cpanel
cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374).
network
cpanel CWE-79
4.3
4.3
2019-08-01 CVE-2018-20919 Cross-site Scripting vulnerability in Cpanel
cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373).
network
cpanel CWE-79
4.3
4.3
2019-08-01 CVE-2018-20918 Cross-site Scripting vulnerability in Cpanel
cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372).
network
cpanel CWE-79
4.3
4.3
2019-08-01 CVE-2018-20917 Improper Input Validation vulnerability in Cpanel
cPanel before 70.0.23 allows any user to disable Solr (SEC-371).
local
low complexity
cpanel CWE-20
2.1
2.1