Vulnerabilities > Cpanel > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-17 | CVE-2019-20494 | Use of Insufficiently Random Values vulnerability in Cpanel In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525). | 3.3 |
| 2019-08-06 | CVE-2016-10796 | Permission Issues vulnerability in Cpanel cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130). | 3.3 |
| 2019-08-05 | CVE-2016-10772 | 7PK - Security Features vulnerability in Cpanel cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). | 3.3 |
| 2019-08-05 | CVE-2017-18466 | Improper Input Validation vulnerability in Cpanel cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228). | 2.7 |
| 2019-08-02 | CVE-2017-18436 | Information Exposure vulnerability in Cpanel cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239). | 3.5 |
| 2019-08-02 | CVE-2017-18455 | Permissions, Privileges, and Access Controls vulnerability in Cpanel In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208). | 2.7 |
| 2019-08-02 | CVE-2017-18458 | Improper Input Validation vulnerability in Cpanel cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). | 3.3 |
| 2019-08-02 | CVE-2017-18421 | Improper Access Control vulnerability in Cpanel cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271). | 3.3 |
| 2019-08-02 | CVE-2017-18422 | Permission Issues vulnerability in Cpanel In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272). | 3.3 |
| 2019-08-02 | CVE-2017-18423 | Information Exposure Through Log Files vulnerability in Cpanel In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). | 3.3 |