CVE-2016-10837

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).

mitre·CWE-426·Published 2019-08-01

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

96 chars

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).

NVDen

96 chars

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).

NVDes

131 chars

cPanel anterior a versión 11.54.0.4, permite la ejecución de código arbitraria debido a una ruta (path) no segura de @INC (SEC-46).

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	8.5	6.8	10.0	AV:N/AC:M/Au:S/C:C/I:C/A:C
3.0	Primary	NVD	7.5	1.6	5.9	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H