Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-18479
In cPanel prior to 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18480
cPanel prior to 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-10113
cPanel prior to 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).
Cpanel Cpanel
9
CVSSv2
CVE-2020-10115
cPanel prior to 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-10119
cPanel prior to 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10122
cPanel prior to 84.0.20 allows a webmail or demo account to delete arbitrary files (SEC-547).
Cpanel Cpanel
3.5
CVSSv2
CVE-2020-29135
cPanel prior to 90.0.17 has multiple instances of URL parameter injection (SEC-567).
Cpanel Cpanel
4
CVSSv2
CVE-2020-29136
In cPanel prior to 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-29137
cPanel prior to 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »