Vulnerabilities > Cpanel > Low

DATE CVE VULNERABILITY TITLE RISK
2019-08-05 CVE-2017-18471 Cross-site Scripting vulnerability in Cpanel
cPanel before 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).
network
cpanel CWE-79
3.5
2019-08-05 CVE-2017-18473 Cross-site Scripting vulnerability in Cpanel
cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199).
network
cpanel CWE-79
3.5
2019-08-05 CVE-2017-18481 Cross-site Scripting vulnerability in Cpanel
cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).
network
cpanel CWE-79
3.5
2019-08-05 CVE-2017-18465 Improper Input Validation vulnerability in Cpanel
cPanel before 62.0.17 does not have a sufficient list of reserved usernames (SEC-227).
local
low complexity
cpanel CWE-20
2.1
2019-08-02 CVE-2017-18436 Information Exposure vulnerability in Cpanel
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239).
low complexity
cpanel CWE-200
2.7
2019-08-02 CVE-2017-18437 Injection vulnerability in Cpanel
cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240).
local
low complexity
cpanel CWE-74
3.6
2019-08-02 CVE-2017-18449 Improper Input Validation vulnerability in Cpanel
cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).
local
low complexity
cpanel CWE-20
2.1
2019-08-02 CVE-2017-18454 Cross-site Scripting vulnerability in Cpanel
cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262).
network
cpanel CWE-79
3.5
2019-08-02 CVE-2017-18458 Improper Input Validation vulnerability in Cpanel
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219).
local
low complexity
cpanel CWE-20
3.6
2019-08-02 CVE-2017-18417 Cross-site Scripting vulnerability in Cpanel
cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263).
network
cpanel CWE-79
3.5