Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.
Absolute path traversal vulnerability in the Disk Usage module (frontend/x/diskusage/index.html) in cPanel 11.18.3 allows remote attackers to list arbitrary directories via the showtree parameter.
In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.
cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252).
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).
In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205).
cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.
cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257).
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186).
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352).
cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).
cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364).
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408).
cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323).
In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).
cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239).
In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274).
In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).
cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).
The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467).
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).
In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116).
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185).
In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114).
In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115).
cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains (SEC-133).
cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154).
The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).
cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425).
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially crafted HTTP request is sent to the web server of the module.
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.
CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.
An issue was discovered on Samsung mobile devices with N(7.x) (MediaTek chipsets) software. There is information disclosure (of kernel stack memory) in a MediaTek driver. The Samsung ID is SVE-2018-11852 (July 2018).
download.aspx in Douran Portal 3.9.7.8 allows remote attackers to obtain source code of arbitrary files under the web root via (1) a trailing ".", (2) a trailing space, or (3) mixed case in the FileNameAttach parameter.