Vulnerabilities > Cpanel > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-02 | CVE-2017-18386 | Injection vulnerability in Cpanel cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313). | 9.0 |
| 2019-08-01 | CVE-2016-10820 | Improper Access Control vulnerability in Cpanel cPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31). | 9.0 |
| 2019-08-01 | CVE-2016-10817 | SQL Injection vulnerability in Cpanel cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123). | 10.0 |
| 2019-08-01 | CVE-2016-10828 | Path Traversal vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | 9.0 |
| 2019-08-01 | CVE-2016-10824 | Improper Input Validation vulnerability in Cpanel cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). | 9.3 |
| 2019-08-01 | CVE-2016-10823 | Improper Input Validation vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | 9.0 |
| 2019-08-01 | CVE-2016-10848 | Improper Authorization vulnerability in Cpanel cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). | 9.0 |
| 2019-08-01 | CVE-2016-10840 | Exposure of Resource to Wrong Sphere vulnerability in Cpanel cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72). | 9.0 |
| 2019-08-01 | CVE-2016-10858 | Improper Input Validation vulnerability in Cpanel cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). | 9.3 |
| 2019-08-01 | CVE-2016-10855 | Improper Input Validation vulnerability in Cpanel cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91). | 10.0 |