In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).

In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).

chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).

cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).

cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

cPanel before 84.0.20 allows a webmail or demo account to delete arbitrary files (SEC-547).

cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).

cPanel before 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545).

cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).

cPanel before 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).

cPanel before 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).

cPanel before 84.0.20 allows attackers to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).

cPanel before 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535).

cPanel before 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).

Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (5) thispage, (6) thisapp, and (7) currentversion parameters in an Upgrade action.

Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory.

Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.