cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225).
cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315).
cPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302).
cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237).
cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220).
In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299).
cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322).
cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333).
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510).
cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479).
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).
cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
cPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244).
cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233).
cPanel before 64.0.21 allows demo accounts to execute SSH API commands (SEC-248).
cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334).
In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325).
cPanel before 68.0.15 does not block a username of ssl (SEC-328).
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226).
DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331).
cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228).
In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).
cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).
cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).
cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243).
cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941).
cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).
cPanel before 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247).
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.
The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285).
cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).
cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362).
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
cPanel before 74.0.8 allows FTP access during account suspension (SEC-449).
cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454).
cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).
cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121).
In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113).
cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).
cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117).
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164).
cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152).
cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165).
cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112).