Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2018-20942 Information Exposure vulnerability in Cpanel
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).
local
high complexity
cpanel CWE-200
2.5
2.5
2019-08-01 CVE-2018-20940 Race Condition vulnerability in Cpanel
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
local
low complexity
cpanel CWE-362
3.3
3.3
2019-08-01 CVE-2018-20939 Information Exposure vulnerability in Cpanel
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).
local
low complexity
cpanel CWE-200
3.3
3.3
2019-08-01 CVE-2018-20938 Improper Access Control vulnerability in Cpanel
cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
network
low complexity
cpanel CWE-284
2.7
2.7
2019-08-01 CVE-2018-20936 Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel
cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).
local
low complexity
cpanel CWE-732
3.3
3.3
2019-08-01 CVE-2018-20932 File and Directory Information Exposure vulnerability in Cpanel
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
network
low complexity
cpanel CWE-538
2.7
2.7
2019-08-01 CVE-2018-20927 Improper Authorization vulnerability in Cpanel
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).
local
low complexity
cpanel CWE-285
3.8
3.8
2019-08-01 CVE-2018-20897 Improper Input Validation vulnerability in Cpanel
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395).
local
low complexity
cpanel CWE-20
2.8
2.8
2019-08-01 CVE-2018-20896 Code Injection vulnerability in Cpanel
cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
local
low complexity
cpanel CWE-94
3.9
3.9
2019-08-01 CVE-2018-20894 Information Exposure vulnerability in Cpanel
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).
local
low complexity
cpanel CWE-200
3.3
3.3