cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152).
cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142).
cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).
cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109).
cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).
cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121).
cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).
cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
cPanel before 58.0.4 has improper session handling for shared users (SEC-139).
cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501).
cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).
cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516).
cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or terminated (SEC-517).
cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498).
cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480).
cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487).
cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362).
cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405).
cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup (SEC-359).
cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444).
In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393).
The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585).
The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585).
cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242).
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314).
cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232).
cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233).
In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243).
cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250).
cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337).
cPanel before 64.0.21 allows demo accounts to execute code via the ClamScanner_getsocket API (SEC-251).
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).
cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).
cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page
The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.
Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.