|
245941
|
6.5 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows FTP access during account suspension (SEC-449).
|
CWE-20
Improper Input Validation
|
CVE-2018-20883
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245942
|
6.8 |
MEDIUM
Local
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447).
|
CWE-20
Improper Input Validation
|
CVE-2018-20882
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245943
|
5.4 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446).
|
CWE-79
Cross-site Scripting
|
CVE-2018-20881
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245944
|
3.3 |
LOW
Local
|
cpanel
|
cpanel
|
cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).
|
NVD-CWE-noinfo
|
CVE-2018-20880
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245945
|
6.3 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444).
|
CWE-20
Improper Input Validation
|
CVE-2018-20879
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245946
|
5.4 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441).
|
CWE-79
Cross-site Scripting
|
CVE-2018-20878
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245947
|
5.4 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437).
|
CWE-79
Cross-site Scripting
|
CVE-2018-20877
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245948
|
5.4 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).
|
CWE-79
Cross-site Scripting
|
CVE-2018-20876
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245949
|
5.4 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433).
|
CWE-79
Cross-site Scripting
|
CVE-2018-20875
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245950
|
5.4 |
MEDIUM
Network
|
cpanel
|
cpanel
|
cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).
|
CWE-79
Cross-site Scripting
|
CVE-2018-20874
|
2024-11-21 13:02 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|