Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3367
Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the deta...
Cpanel Cpanel
6.5
CVSSv3
CVE-2016-10832
cPanel prior to 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
Cpanel Cpanel
7.5
CVSSv3
CVE-2016-10833
cPanel prior to 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
Cpanel Cpanel
8.8
CVSSv3
CVE-2016-10834
cPanel prior to 55.9999.141 allows account-suspension bypass via ftp (SEC-105).
Cpanel Cpanel
4.3
CVSSv3
CVE-2016-10835
cPanel prior to 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
Cpanel Cpanel
7.5
CVSSv3
CVE-2016-10837
cPanel prior to 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-26100
chsh in cPanel prior to 88.0.3 allows a Jailshell escape (SEC-497).
Cpanel Cpanel
7.5
CVSSv3
CVE-2020-26107
cPanel prior to 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
Cpanel Cpanel
6.1
CVSSv3
CVE-2020-26111
cPanel prior to 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566).
Cpanel Cpanel
2.7
CVSSv3
CVE-2017-18382
cPanel prior to 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »