MEDIUM🇬🇧 English

CVE-2020-29135

CVSS 4.1v3.1pub. 2020-11-27upd. 2024-11-21

cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567).

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
  • Cpanel

    APP
    Cpanel
    < 90.0.17
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-41940CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Authentication bypass w cPanel/WHM — nieautoryzowany dostęp do panelu

CVE-2020-26105CRITICAL9.8ten sam produkt

In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).

CVE-2020-26098CRITICAL9.8ten sam produkt

cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

CVE-2020-26100CRITICAL9.8ten sam produkt

chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).

CVE-2020-26101CRITICAL9.8ten sam produkt

In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).