cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108).
cPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244).
cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229).
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).
cPanel before 68.0.15 does not block a username of ssl (SEC-328).
In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).
cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).
In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).
cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.
cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288).
The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285).
cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531).
cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415).
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).
In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75).
cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).
cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186).
cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154).
The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124).
cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains (SEC-133).
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185).
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server (SEC-284).
In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327).
In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).
In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283).
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events.
In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to '#' or '+'. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be present in third party authentication/access control plugins for Mosquitto.
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
rss/file.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 does not properly implement the use of RSS tokens for impersonation, which allows remote authenticated users to obtain sensitive block information by reading an RSS feed.
In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.
Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors.
1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key.