Vulnerabilities > Cpanel > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2016-10817 SQL Injection vulnerability in Cpanel
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
network
low complexity
cpanel CWE-89
critical
 9.8
9.8
2019-08-01 CVE-2016-10824 Improper Input Validation vulnerability in Cpanel
cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
network
low complexity
cpanel CWE-20
critical
 9.8
9.8
2019-08-01 CVE-2016-10858 Improper Input Validation vulnerability in Cpanel
cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
network
low complexity
cpanel CWE-20
critical
 9.8
9.8
2019-08-01 CVE-2016-10855 Improper Input Validation vulnerability in Cpanel
cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
network
low complexity
cpanel CWE-20
critical
 9.8
9.8
2019-08-01 CVE-2018-20887 SQL Injection vulnerability in Cpanel
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).
network
low complexity
cpanel CWE-89
critical
 9.8
9.8
2019-07-30 CVE-2018-20863 Improper Input Validation vulnerability in Cpanel
cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452).
network
low complexity
cpanel CWE-20
critical
 9.8
9.8