Vulnerabilities > Cpanel > Low

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2018-20894 Information Exposure vulnerability in Cpanel
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).
local
low complexity
cpanel CWE-200
3.3
2019-08-01 CVE-2018-20896 Code Injection vulnerability in Cpanel
cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
local
low complexity
cpanel CWE-94
3.9
2019-08-01 CVE-2018-20897 Improper Input Validation vulnerability in Cpanel
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395).
local
low complexity
cpanel CWE-20
2.8
2019-08-01 CVE-2018-20873 Improper Input Validation vulnerability in Cpanel
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
local
low complexity
cpanel CWE-20
3.3
2019-08-01 CVE-2018-20880 Unspecified vulnerability in Cpanel
cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).
local
low complexity
cpanel
3.3
2019-07-30 CVE-2019-14395 Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel
cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
local
low complexity
cpanel CWE-732
3.3
2019-07-30 CVE-2019-14396 Unspecified vulnerability in Cpanel
API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).
local
low complexity
cpanel
3.3
2019-07-30 CVE-2019-14402 Unspecified vulnerability in Cpanel
cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481).
local
low complexity
cpanel
3.3
2019-07-30 CVE-2019-14407 Unspecified vulnerability in Cpanel
cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415).
network
low complexity
cpanel
2.7
2019-07-30 CVE-2019-14410 Use of Externally-Controlled Format String vulnerability in Cpanel
Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
local
low complexity
cpanel CWE-134
3.3