Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel 11 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-6523
Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote malicious users to inject arbitrary web script or HTML via the account parameter.
Cpanel Cpanel 11
1 EDB exploit
4.3
CVSSv2
CVE-2008-2070
The WHM interface 11.15.0 for cPanel 11.18 prior to 11.18.4 and 11.22 prior to 11.22.3 allows remote malicious users to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue par...
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.2
3 EDB exploits
4.3
CVSSv2
CVE-2009-4823
Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 up to and including 11.24.7 allows remote malicious users to inject arbitrary web script or HTML via the fileop parameter.
Cpanel Cpanel 11.0
Cpanel Cpanel 11.19.3
Cpanel Cpanel 11.21
Cpanel Cpanel 11.24
Cpanel Cpanel 11.24.7
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.18.2
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.4
Cpanel Cpanel 11.22.3
Cpanel Cpanel 11.4.19
Cpanel Cpanel 11.16
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
1 EDB exploit
5
CVSSv2
CVE-2008-6843
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote malicious users to read arbitrary files via a .. (dot dot) in the sup3r parameter.
Netenberg Fantastico De Luxe
Cpanel Cpanel 11.21
Cpanel Cpanel 11.8.6 Stable
Cpanel Cpanel 11.16
Cpanel Cpanel 11
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.22.3
Cpanel Cpanel 11.18.4
Cpanel Cpanel 11.23.1 Current
Cpanel Cpanel 11.18.2
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.4.19
Cpanel Cpanel 11.8.6
Cpanel Cpanel 11.23.1
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18
Cpanel Cpanel 11.19.3
Cpanel Cpanel 11.22.2
1 EDB exploit
4.3
CVSSv2
CVE-2007-0890
Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the password parameter.
Cpanel Webhost Manager 11
Cpanel Webhost Manager 11.0
Cpanel Webhost Manager 6.4.1
Cpanel Webhost Manager 6.4.2
Cpanel Webhost Manager 9.4.1 R64
Cpanel Webhost Manager 9.9.1 R3
Cpanel Webhost Manager 10.6.0 R137
Cpanel Webhost Manager 10.8.1 113
Cpanel Webhost Manager 10.8.1 Build84
Cpanel Webhost Manager 5.3
Cpanel Webhost Manager 6.0
Cpanel Webhost Manager 8.0
Cpanel Webhost Manager 9.0
Cpanel Webhost Manager 10.8.2 118
Cpanel Webhost Manager 10.9
Cpanel Webhost Manager 6.2
Cpanel Webhost Manager 6.4
Cpanel Webhost Manager 9.1
Cpanel Webhost Manager 9.1.0 R85
Cpanel Webhost Manager 10.2.0 R82
Cpanel Webhost Manager 11 Beta
Cpanel Webhost Manager 5.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-6927
Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote malicious users to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (...
Cpanel Cpanel
1 EDB exploit
7.8
CVSSv2
CVE-2007-3367
Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the deta...
Cpanel Cpanel
4.3
CVSSv2
CVE-2007-3366
Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the detail...
Cpanel Cpanel
6.8
CVSSv2
CVE-2008-4181
Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module prior to 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absol...
Netenberg Fantastico De Luxe
Netenberg Fantastico De Luxe 2.10.4
Netenberg Fantastico De Luxe 2.10.2
Netenberg Fantastico De Luxe 2.10.0
Netenberg Fantastico De Luxe 2.8.8
Netenberg Fantastico De Luxe 2.8.6
Netenberg Fantastico De Luxe 2.8.4
Netenberg Fantastico De Luxe 2.8.2
Netenberg Fantastico De Luxe 2.8.r14
Netenberg Fantastico De Luxe 2.8.r13
Netenberg Fantastico De Luxe 2.8.r6
Netenberg Fantastico De Luxe 2.8.r5
Netenberg Fantastico De Luxe 2.8.r18
Netenberg Fantastico De Luxe 2.8.r17
Netenberg Fantastico De Luxe 2.8.r16
Netenberg Fantastico De Luxe 2.8.r15
Netenberg Fantastico De Luxe 2.8.r8
Netenberg Fantastico De Luxe 2.8.r7
Netenberg Fantastico De Luxe 2.8.r10
Netenberg Fantastico De Luxe 2.8.r9
Netenberg Fantastico De Luxe 2.8.r1
Netenberg Fantastico De Luxe 2.8.r2
1 EDB exploit
6.8
CVSSv2
CVE-2008-6926
Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action....
Netenberg Fantastico De Luxe
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started