Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-10121
cPanel prior to 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10122
cPanel prior to 84.0.20 allows a webmail or demo account to delete arbitrary files (SEC-547).
Cpanel Cpanel
4.3
CVSSv2
CVE-2019-20493
cPanel prior to 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-20494
In cPanel prior to 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
Cpanel Cpanel
4
CVSSv2
CVE-2019-20495
cPanel prior to 82.0.18 allows malicious users to read an arbitrary database via MySQL dump streaming (SEC-531).
Cpanel Cpanel
4.9
CVSSv2
CVE-2019-20496
cPanel prior to 82.0.18 allows malicious users to conduct arbitrary chown operations as root during log processing (SEC-532).
Cpanel Cpanel
7.5
CVSSv2
CVE-2019-20498
cPanel prior to 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
Cpanel Cpanel
4.6
CVSSv2
CVE-2018-20886
cPanel prior to 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).
Cpanel Cpanel
3.5
CVSSv2
CVE-2016-10778
cPanel prior to 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
Cpanel Cpanel
6.5
CVSSv2
CVE-2016-10792
cPanel prior to 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »