Cpanel

Cpanel

416 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2008-6927

Exploit
  • EPSS 4.18%
  • Veröffentlicht 10.08.2009 20:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_...

5

CVE-2008-6843

Exploit
  • EPSS 0.84%
  • Veröffentlicht 02.07.2009 10:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.

5

CVE-2009-2275

  • EPSS 1.11%
  • Veröffentlicht 01.07.2009 13:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.

8.5

CVE-2008-2478

Exploit
  • EPSS 5.51%
  • Veröffentlicht 28.05.2008 15:32:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE:...

4.3

CVE-2008-2070

Exploit
  • EPSS 0.96%
  • Veröffentlicht 12.05.2008 16:20:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter...

4.3

CVE-2008-2071

  • EPSS 0.18%
  • Veröffentlicht 12.05.2008 16:20:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/wh...

4.3

CVE-2008-2043

Exploit
  • EPSS 0.47%
  • Veröffentlicht 01.05.2008 19:05:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administr...

4.3

CVE-2008-1499

Exploit
  • EPSS 1.82%
  • Veröffentlicht 25.03.2008 19:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string.

4.3

CVE-2008-0370

  • EPSS 0.33%
  • Veröffentlicht 22.01.2008 20:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel before 11.17 build 19417 allows remote attackers to inject arbitrary web script or HTML via the rurl parameter. NOTE: some of these details are obtained from third party informati...

4.3

CVE-2007-4022

Exploit
  • EPSS 5.45%
  • Veröffentlicht 26.07.2007 19:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote attackers to inject arbitrary web script or HTML via the resname parameter.