Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:cpanel:cpanel:11.54.0.0.:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-10814 |
cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). Published: August 01, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2016-10835 |
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). Published: August 01, 2019; 1:15:12 PM -0400 |
V4.0:(not available) V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-10834 |
cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). Published: August 01, 2019; 1:15:12 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2016-10833 |
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-10832 |
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-10831 |
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 7.2 HIGH V2.0: 6.5 MEDIUM |
CVE-2016-10830 |
cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2016-10829 |
cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 6.8 MEDIUM |
CVE-2016-10828 |
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 9.0 HIGH |
CVE-2016-10827 |
cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2016-10825 |
cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2016-10824 |
cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 9.3 HIGH |
CVE-2016-10823 |
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 9.0 HIGH |
CVE-2016-10822 |
cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88). Published: August 01, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2016-10849 |
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). Published: August 01, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-10848 |
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). Published: August 01, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 7.2 HIGH V2.0: 9.0 HIGH |
CVE-2016-10847 |
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). Published: August 01, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2016-10846 |
cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79). Published: August 01, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 8.5 HIGH |
CVE-2016-10845 |
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78). Published: August 01, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 6.5 MEDIUM |
CVE-2016-10844 |
The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77). Published: August 01, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |