Vulnerabilities > Cpanel > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-02 | CVE-2017-18429 | 7PK - Security Features vulnerability in Cpanel In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291). | 2.1 |
2019-08-02 | CVE-2017-18432 | Information Exposure vulnerability in Cpanel In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234). | 2.1 |
2019-08-02 | CVE-2017-18392 | Improper Input Validation vulnerability in Cpanel cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325). | 2.1 |
2019-08-02 | CVE-2017-18397 | Permission Issues vulnerability in Cpanel cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330). | 2.1 |
2019-08-02 | CVE-2017-18402 | Cross-site Scripting vulnerability in Cpanel cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336). | 3.5 |
2019-08-02 | CVE-2017-18405 | Improper Input Validation vulnerability in Cpanel cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345). | 2.1 |
2019-08-02 | CVE-2017-18408 | Cross-site Scripting vulnerability in Cpanel cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282). | 3.5 |
2019-08-02 | CVE-2017-18412 | Information Exposure Through Log Files vulnerability in Cpanel cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296). | 1.9 |
2019-08-02 | CVE-2017-18416 | Improper Access Control vulnerability in Cpanel cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303). | 3.6 |
2019-08-02 | CVE-2017-18384 | Improper Access Control vulnerability in Cpanel cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). | 2.1 |