Vulnerabilities > Cpanel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-20892 | Unspecified vulnerability in Cpanel cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439). | 4.0 |
| 2019-08-01 | CVE-2018-20891 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). | 4.9 |
| 2019-08-01 | CVE-2018-20890 | Improper Access Control vulnerability in Cpanel cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). | 4.0 |
| 2019-08-01 | CVE-2018-20888 | Improper Authentication vulnerability in Cpanel cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424). | 4.9 |
| 2019-08-01 | CVE-2018-20886 | Insecure Storage of Sensitive Information vulnerability in Cpanel cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). | 4.6 |
| 2019-08-01 | CVE-2018-20885 | Injection vulnerability in Cpanel cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416). | 5.0 |
| 2019-08-01 | CVE-2018-20883 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.8 allows FTP access during account suspension (SEC-449). | 4.0 |
| 2019-08-01 | CVE-2018-20882 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). | 6.6 |
| 2019-08-01 | CVE-2018-20879 | Improper Input Validation vulnerability in Cpanel cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | 6.5 |
| 2019-07-30 | CVE-2019-14413 | Unspecified vulnerability in Cpanel cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476). | 4.0 |