CPE Details
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:cpanel:cpanel:76.0.17:*:*:*:*:*:*:*
Informations
Vendor
cpanelProduct
cpanelVersion
76.0.17Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585). | 7.2 |
Haute |
||
| The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). | 7.2 |
Haute |
||
| In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). | 7.5 |
Haute |
||
| In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587). | 8.1 |
Haute |
||
| cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581). | 6.1 |
Moyen |
||
| cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578). | 7.5 |
Haute |
||
| cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579). | 7.5 |
Haute |
||
| cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577). | 6.1 |
Moyen |
||
| cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567). | 4.1 |
Moyen |
||
| cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485). | 9.8 |
Critique |
||
| cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491). | 7.5 |
Haute |
||
| chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497). | 9.8 |
Critique |
||
| In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549). | 9.8 |
Critique |
||
| In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550). | 7.5 |
Haute |
||
| In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551). | 7.5 |
Haute |
||
| In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552). | 7.5 |
Haute |
||
| In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). | 9.8 |
Critique |
||
| cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558). | 7.5 |
Haute |
||
| cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561). | 7.5 |
Haute |
||
| cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488). | 9.8 |
Critique |
||
| cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557). | 7.5 |
Haute |
||
| cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564). | 6.1 |
Moyen |
||
| cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566). | 6.1 |
Moyen |
||
| The email quota cache in cPanel before 90.0.10 allows overwriting of files. | 7.5 |
Haute |
||
| cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569). | 6.1 |
Moyen |
||
| cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573). | 6.1 |
Moyen |
||
| cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574). | 6.1 |
Moyen |
||
| cPanel before 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545). | 7.2 |
Haute |
||
| cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544). | 9.8 |
Critique |
||
| cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528). | 6.1 |
Moyen |
||
| In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478). | 3.3 |
Bas |
||
| cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476). | 4.3 |
Moyen |
||
| Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474). | 3.3 |
Bas |
||
| cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473). | 5.3 |
Moyen |
||
| Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). | 3.3 |
Bas |
||
| cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466). | 5.5 |
Moyen |
||
| cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460). | 4.3 |
Moyen |
||
| cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). | 2.7 |
Bas |
||
| cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493). | 6.1 |
Moyen |
||
| cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). | 8.8 |
Haute |
||
| cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484). | 5.5 |
Moyen |
||
| cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483). | 4.3 |
Moyen |
||
| cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). | 3.3 |
Bas |
||
| cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480). | 8.8 |
Haute |
||
| cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479). | 7.8 |
Haute |
||
| The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477). | 7.1 |
Haute |
||
| cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498). | 8.8 |
Haute |
||
| cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496). | 5.3 |
Moyen |
||
| API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). | 3.3 |
Bas |
||
| cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). | 3.3 |
Bas |
||
| cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489). | 5.5 |
Moyen |
||
| cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486). | 5.3 |
Moyen |
||
| cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). | 8.8 |
Haute |
||
| cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). | 3.3 |
Bas |
||
| cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). | 5.4 |
Moyen |
||
| cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). | 7.8 |
Haute |
||
| cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). | 7.5 |
Haute |
||
| cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506). | 6.1 |
Moyen |
||
| cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). | 5.4 |
Moyen |
||
| Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory. | 6.8 |
|||
| Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (5) thispage, (6) thisapp, and (7) currentversion parameters in an Upgrade action. | 4.3 |
|||
| Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter. | 5 |
|||
| cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main server URL (such as ~username) that is blocked by the user's own open_basedir directive, but not the main server's open_basedir directive. | 5.1 |
|||
| fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message. | 4 |
|||
| Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via a URL encoded value in the fwd parameter. | 4.3 |
