Vulmon Recent Vulnerabilities Trends Blog About Contact

Recent vulnerabilities and exploits

NA
CVE-2020-26115
cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574)....
NA
CVE-2020-26106
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558)....
NA
CVE-2020-26100
chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497)....
NA
CVE-2020-26112
The email quota cache in cPanel before 90.0.10 allows overwriting of files....
NA
CVE-2020-26109
cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557)....
NA
CVE-2020-26105
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554)....
NA
CVE-2020-26108
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488)....
NA
CVE-2020-26114
cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573)....
NA
CVE-2019-11556
Pagure before 5.6 allows XSS via the templates/blame.html blame view....
NA
CVE-2020-26102
In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550)....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-3480CVE-2020-3559encryptionreflected XSSCVE-2020-3408CVE-2020-1472CVE-2020-13629firmwareCVE-2020-3488