Search Results | AttackerKB

425 Total Results

Displaying 31-40 of 425

Attacker Value

Unknown

CVE-2020-26104

Disclosure Date: September 25, 2020 (last updated February 22, 2025)

In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

Attacker Value

Unknown

CVE-2020-26098

Disclosure Date: September 25, 2020 (last updated November 28, 2024)

cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-12785

Disclosure Date: May 11, 2020 (last updated November 27, 2024)

cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature (SEC-540).

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2020-12784

Disclosure Date: May 11, 2020 (last updated November 27, 2024)

cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings (SEC-505).

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2019-20496

Disclosure Date: March 17, 2020 (last updated November 27, 2024)

cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532).

Attack Vector: Local Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2020-10115

Disclosure Date: March 17, 2020 (last updated November 27, 2024)

cPanel before 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).

Attack Vector: Network Privileges: High User Interaction: None

Attacker Value

Unknown

CVE-2019-20495

Disclosure Date: March 17, 2020 (last updated November 27, 2024)

cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531).

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-20493

Disclosure Date: March 17, 2020 (last updated February 21, 2025)

cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2019-20497

Disclosure Date: March 17, 2020 (last updated February 21, 2025)

cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2020-10114

Disclosure Date: March 17, 2020 (last updated February 21, 2025)

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535).

Attack Vector: Network Privileges: None User Interaction: Required

425 Total Results

Displaying 31-40 of 425

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification