Vulnerabilities > Cpanel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2016-10815 | Information Exposure vulnerability in Cpanel cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120). | 4.0 |
| 2019-08-01 | CVE-2016-10814 | Improper Input Validation vulnerability in Cpanel cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). | 6.5 |
| 2019-08-01 | CVE-2016-10813 | Cross-site Scripting vulnerability in Cpanel cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118). | 3.5 |
| 2019-08-01 | CVE-2018-20953 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389). | 4.3 |
| 2019-08-01 | CVE-2018-20952 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388). | 4.0 |
| 2019-08-01 | CVE-2018-20951 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387). | 4.3 |
| 2019-08-01 | CVE-2018-20950 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | 4.3 |
| 2019-08-01 | CVE-2018-20949 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385). | 4.3 |
| 2019-08-01 | CVE-2018-20948 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383). | 4.3 |
| 2019-08-01 | CVE-2018-20947 | Exposure of Resource to Wrong Sphere vulnerability in Cpanel cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | 2.1 |