Vulnerabilities > Cpanel > Cpanel > 68.0.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-20950 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | 4.3 |
| 2019-08-01 | CVE-2018-20949 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385). | 4.3 |
| 2019-08-01 | CVE-2018-20948 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383). | 4.3 |
| 2019-08-01 | CVE-2018-20947 | Exposure of Resource to Wrong Sphere vulnerability in Cpanel cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | 2.1 |
| 2019-08-01 | CVE-2018-20946 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355). | 2.1 |
| 2019-08-01 | CVE-2018-20945 | Improper Authorization vulnerability in Cpanel bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). | 7.9 |
| 2019-08-01 | CVE-2018-20944 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353). | 2.1 |
| 2019-08-01 | CVE-2018-20943 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). | 1.9 |
| 2019-08-01 | CVE-2018-20942 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). | 1.9 |
| 2019-08-01 | CVE-2018-20941 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). | 4.7 |