| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29). |
| cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85). |
| cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). |
| cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70). |
| cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108). |
| cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). |
| cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104). |
| cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). |
| cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101). |
| cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). |
| cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93). |
| cPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31). |
| cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142). |
| cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137). |
| cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141). |
| ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php. |
| ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php. |
| Sails is an MVC style framework for building realtime web applications. Version 0.12.7 and lower have an issue with the CORS configuration where the value of the origin header is reflected as the value for the Access-Control-Allow-Origin header. This would allow an attacker to make AJAX requests to vulnerable hosts through cross site scripting or a malicious HTML Document, effectively bypassing the Same Origin Policy. Note that this is only an issue when `allRoutes` is set to `true` and `origin` is set to `*` or left commented out in the sails CORS config file. The problem can be compounded when the cors `credentials` setting is not provided. At that point authenticated cross domain requests are possible. |
| console-io is a module that allows users to implement a web console in their application. A malicious user could bypass the authentication and execute any command that the user who is running the console-io application 2.2.13 and earlier is able to run. This means that if console-io was running from root, the attacker would have full access to the system. This vulnerability exists because the console-io application does not configure socket.io to require authentication, which allows a malicious user to connect via a websocket to send commands and receive the response. |
| When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication. |
