Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-10817
cPanel prior to 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
Cpanel Cpanel
10
CVSSv2
CVE-2016-10855
cPanel prior to 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
Cpanel Cpanel
10
CVSSv2
CVE-2015-2845
The cpanel function in go_site.php in GoAutoDial GoAdmin CE prior to 3.3-1421902800 allows remote malicious users to execute arbitrary commands via the $type portion of the PATH_INFO.
Goautodial Goadmin Ce 3.3
Goautodial Goadmin Ce 3.0
2 EDB exploits
3 Github repositories
10
CVSSv2
CVE-2015-2844
The cpanel function in go_site.php in GoAutoDial GoAdmin CE prior to 3.3-1420434000 allows remote malicious users to execute arbitrary commands via the $action portion of the PATH_INFO.
Goautodial Goadmin Ce 3.0
Goautodial Goadmin Ce 3.3
1 EDB exploit
3 Github repositories
10
CVSSv2
CVE-2004-1770
The login page for cPanel 9.1.0, and possibly other versions, allows remote malicious users to execute arbitrary code via shell metacharacters in the user parameter.
Cpanel Cpanel 5.0
Cpanel Cpanel 5.3
Cpanel Cpanel 7.0
Cpanel Cpanel 8.0
Cpanel Cpanel 6.4
Cpanel Cpanel 6.4.1
Cpanel Cpanel 6.0
Cpanel Cpanel 6.2
Cpanel Cpanel 9.0
Cpanel Cpanel 9.1
Cpanel Cpanel 6.4.2
Cpanel Cpanel 6.4.2 Stable 48
1 EDB exploit
10
CVSSv2
CVE-2004-1769
The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and previous versions, including 8.x, allows remote malicious users to execute arbitrary code via the user parameter to resetpass.
Cpanel Cpanel 6.4
Cpanel Cpanel 6.4.1
Cpanel Cpanel 5.0
Cpanel Cpanel 5.3
Cpanel Cpanel 7.0
Cpanel Cpanel 8.0
Cpanel Cpanel 9.0
Cpanel Cpanel 6.4.2
Cpanel Cpanel 6.4.2 Stable 48
Cpanel Cpanel 6.0
Cpanel Cpanel 6.2
Cpanel Cpanel 9.1
1 EDB exploit
1 Github repository
10
CVSSv2
CVE-2003-1425
guestbook.cgi in cPanel 5.0 allows remote malicious users to execute arbitrary commands via the template parameter.
Cpanel Cpanel 5.0
4 EDB exploits
9.3
CVSSv2
CVE-2016-10824
cPanel prior to 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
Cpanel Cpanel
9.3
CVSSv2
CVE-2016-10858
cPanel prior to 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
Cpanel Cpanel
9.3
CVSSv2
CVE-2004-1875
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote malicious users to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) account parameter t...
Cpanel Cpanel 9.1.0 R85
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »