![cpanel whm name service cache daemon cpanel whm name service cache daemon](https://upcloud.com/wp-content/uploads/2019/07/whm-set-resolver.png)
The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585).ĬPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581).ĬPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).ĬPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).ĮGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). In cPanel before 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
![cpanel whm name service cache daemon cpanel whm name service cache daemon](https://images.kualo.com/kbimages/whm11-setup/whm-setup-4-initial/frame02_1.png)
In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).
#CPANEL WHM NAME SERVICE CACHE DAEMON VERIFICATION#
In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587). In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588). In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).