Vulnerabilities > Cpanel > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-02 | CVE-2017-18385 | Improper Access Control vulnerability in Cpanel cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311). | 2.1 |
2019-08-02 | CVE-2017-18391 | Information Exposure vulnerability in Cpanel cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323). | 1.9 |
2019-08-01 | CVE-2016-10813 | Cross-site Scripting vulnerability in Cpanel cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118). | 3.5 |
2019-08-01 | CVE-2016-10822 | Cross-site Scripting vulnerability in Cpanel cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88). | 3.5 |
2019-08-01 | CVE-2016-10827 | Cross-site Scripting vulnerability in Cpanel cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). | 3.5 |
2019-08-01 | CVE-2018-20936 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308). | 2.1 |
2019-08-01 | CVE-2018-20939 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339). | 2.1 |
2019-08-01 | CVE-2018-20940 | Race Condition vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342). | 2.1 |
2019-08-01 | CVE-2018-20942 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). | 1.9 |
2019-08-01 | CVE-2018-20943 | Information Exposure vulnerability in Cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). | 1.9 |