Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel whm vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2016-10860
cPanel prior to 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).
Cpanel Cpanel
7.2
CVSSv3
CVE-2021-38584
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows XXE attacks (SEC-585).
Cpanel Cpanel
7.2
CVSSv3
CVE-2021-38585
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows unserialization attacks (SEC-585).
Cpanel Cpanel
6.8
CVSSv3
CVE-2018-20882
cPanel prior to 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447).
Cpanel Cpanel
6.7
CVSSv3
CVE-2018-20925
cPanel prior to 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).
Cpanel Cpanel
6.7
CVSSv3
CVE-2018-20926
cPanel prior to 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).
Cpanel Cpanel
6.5
CVSSv3
CVE-2017-18479
In cPanel prior to 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).
Cpanel Cpanel
6.5
CVSSv3
CVE-2017-18480
cPanel prior to 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
Cpanel Cpanel
6.5
CVSSv3
CVE-2017-18482
cPanel prior to 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
Cpanel Cpanel
6.5
CVSSv3
CVE-2018-20952
cPanel prior to 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »