Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2016-10825
cPanel prior to 55.9999.141 allows malicious users to bypass a Security Policy by faking static documents (SEC-92).
Cpanel Cpanel
9
CVSSv2
CVE-2016-10828
cPanel prior to 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).
Cpanel Cpanel
1.9
CVSSv2
CVE-2017-18425
In cPanel prior to 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280).
Cpanel Cpanel
5
CVSSv2
CVE-2017-18443
cPanel prior to 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247).
Cpanel Cpanel
1.9
CVSSv2
CVE-2017-18428
In cPanel prior to 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).
Cpanel Cpanel
2.1
CVSSv2
CVE-2017-18429
In cPanel prior to 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).
Cpanel Cpanel
5
CVSSv2
CVE-2017-18431
cPanel prior to 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18426
cPanel prior to 66.0.2 allows resellers to read other accounts' domain log files (SEC-288).
Cpanel Cpanel
2.1
CVSSv2
CVE-2017-18427
In cPanel prior to 66.0.2, weak log-file permissions can occur after account modification (SEC-289).
Cpanel Cpanel
4.3
CVSSv2
CVE-2006-0763
Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cPanel allows remote malicious users to inject arbitrary web script or HTML via a URL encoded value in the fwd parameter.
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »