Vulnerabilities > Cpanel > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-20894 | Information Exposure vulnerability in Cpanel cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443). | 3.3 |
| 2019-08-01 | CVE-2018-20896 | Code Injection vulnerability in Cpanel cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394). | 3.9 |
| 2019-08-01 | CVE-2018-20897 | Improper Input Validation vulnerability in Cpanel cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). | 2.8 |
| 2019-08-01 | CVE-2018-20873 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). | 3.3 |
| 2019-08-01 | CVE-2018-20880 | Unspecified vulnerability in Cpanel cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | 3.3 |
| 2019-07-30 | CVE-2019-14395 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). | 3.3 |
| 2019-07-30 | CVE-2019-14396 | Unspecified vulnerability in Cpanel API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). | 3.3 |
| 2019-07-30 | CVE-2019-14402 | Unspecified vulnerability in Cpanel cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). | 3.3 |
| 2019-07-30 | CVE-2019-14407 | Unspecified vulnerability in Cpanel cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). | 2.7 |
| 2019-07-30 | CVE-2019-14410 | Use of Externally-Controlled Format String vulnerability in Cpanel Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). | 3.3 |