Vulnerabilities > Cpanel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-20951 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387). | 6.1 |
| 2019-08-01 | CVE-2018-20950 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | 6.1 |
| 2019-08-01 | CVE-2018-20949 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385). | 6.1 |
| 2019-08-01 | CVE-2018-20948 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383). | 6.1 |
| 2019-08-01 | CVE-2018-20947 | Exposure of Resource to Wrong Sphere vulnerability in Cpanel cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | 5.5 |
| 2019-08-01 | CVE-2018-20946 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355). | 3.3 |
| 2019-08-01 | CVE-2018-20945 | Improper Authorization vulnerability in Cpanel bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). | 5.7 |
| 2019-08-01 | CVE-2018-20944 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353). | 3.3 |
| 2019-08-01 | CVE-2018-20943 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). | 2.5 |
| 2019-08-01 | CVE-2018-20942 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). | 2.5 |