In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117).

In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113).

cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138).

cPanel before 58.0.4 has improper session handling for shared users (SEC-139).

cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).

ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID.

AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp.

AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp.

AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp.

An issue was discovered in ZenTao 11.5.1. There is an XSS (stored) vulnerability that leads to the capture of other people's cookies via the Rich Text Box.
