Skip to content
Site Tips
  • Site Tips
  • Business Talk
  • Digital Marketing
  • Technology
  • Website
    • cPanel / WHM
    • Joomla
    • WordPress
  • Contact Us

cPanel TSR-2018-0003 Full Disclosure

Leave a Comment / cPanel / WHM / Tipper2010

cPanel TSR-2018-0003 Full Disclosure SEC-393 Summary API tokens retain ACLs that are removed from accounts. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 6.4 CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H Description Starting w…

cPanel TSR-2018-0003 Full Disclosure Read More »

[20180509] – Core – XSS vulnerability in the media manager

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 1.5.0 through 3.8.7
Exploit type: XSS
Reported Date: 2017-October-28
Fixed Date: 2018-May-22
CVE Number: CVE-2018-6378

Description
Inadequate filtering of file and folder names lead…

[20180509] – Core – XSS vulnerability in the media manager Read More »

[20180508] – Core – Possible XSS attack in the redirect method

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 3.1.2 through 3.8.7
Exploit type: XSS
Reported Date: 2018-March-30
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
Under specific circumstances (a redirect issued with…

[20180508] – Core – Possible XSS attack in the redirect method Read More »

[20180507] – Core – Session deletion race condition

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Medium
Severity: Low
Versions: 3.0.0 through 3.8.7
Exploit type: Session race condition
Reported Date: 2017-July-08
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
A long running background proce…

[20180507] – Core – Session deletion race condition Read More »

[20180506] – Core – Filter field in com_fields allows remote code execution

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 3.7.0 through 3.8.7
Exploit type: Remote Code Execution
Reported Date: 2018-May-14
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
Inadequate filtering allows use…

[20180506] – Core – Filter field in com_fields allows remote code execution Read More »

[20180505] – Core – XSS Vulnerabilities & additional hardening

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Moderate
Versions: 3.0.0 through 3.8.7
Exploit type:XSS
Reported Date:2018-February-02 & 2018-March-27
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
Inadequate input filt…

[20180505] – Core – XSS Vulnerabilities & additional hardening Read More »

[20180504] – Core – Installer leaks plain text password to local user

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 3.0.0 through 3.8.7
Exploit type: Information Disclosure
Reported Date: 2018-February-09
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
The web install application wo…

[20180504] – Core – Installer leaks plain text password to local user Read More »

[20180503] – Core – Information Disclosure about unpublished tags

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Moderate
Versions: 3.1.0 through 3.8.7
Exploit type: Information Disclosure
Reported Date: 2018-April-27
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
Inadequate checks allowed us…

[20180503] – Core – Information Disclosure about unpublished tags Read More »

[20180502] – Core – Add PHAR files to the upload blacklist

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: High
Severity: Low
Versions: 2.5.0 through 3.8.7
Exploit type: Malicious file upload
Reported Date: 2018-March-14
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
Depending on the server configura…

[20180502] – Core – Add PHAR files to the upload blacklist Read More »

[20180501] – Core – ACL violation in access levels

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: High
Severity: Low
Versions: 2.5.0 through 3.8.7
Exploit type: ACL violation
Reported Date: 2018-March-08
Fixed Date: 2018-May-22
CVE Number: CVE-2018-XXXX

Description
Inadequate checks allowed users to modify…

[20180501] – Core – ACL violation in access levels Read More »

← Previous 1 … 710 711 712 … 918 Next →

Categories

  • Business Talk
  • cPanel / WHM
  • Digital Marketing
  • Joomla
  • Site Tips
  • Technology
  • WordPress
Facebooktwitterredditpinterestlinkedinmail

Recent Posts

  • Marketing operations tech stack audit: A proven checklist for operations teams February 12, 2026
  • A Presidents Day mystery: What did George Washington sound like? February 10, 2026
  • AI engine optimization audit: How to audit your content for AI search engines February 10, 2026
  • Answer engine optimization vs. traditional SEO: What marketers need to know February 9, 2026
  • [Executive Corner] LG HVAC, Beyond Hardware: Rising to the Challenge of the AI Era February 9, 2026

Tags

5.0 5.9 6.0 6.1 6.3 6.4 6.5 6.7 6.8 Community cPanel CURRENT Design Development easyapache EOL Events Features General Gutenberg heropress Interviews Meta minor-releases Month in WordPress People of WordPress Podcast Press Release ProdDevSec Products release Releases Security Security Centre security release Software Updates STABLE state of the word survey TSR Uncategorized Updates v70 WordCamp wp-briefing
Copyright © 2026 SITE TIPS.info