Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2016-10804
The SQLite journal feature in cPanel prior to 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58).
Cpanel Cpanel
8.1
CVSSv3
CVE-2016-10830
cPanel prior to 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100).
Cpanel Cpanel
6.5
CVSSv3
CVE-2016-10842
cPanel prior to 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
Cpanel Cpanel
7.5
CVSSv3
CVE-2021-26267
cPanel prior to 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
Cpanel Cpanel
6.1
CVSSv3
CVE-2020-10113
cPanel prior to 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).
Cpanel Cpanel
7.2
CVSSv3
CVE-2020-10115
cPanel prior to 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).
Cpanel Cpanel
9.1
CVSSv3
CVE-2020-10117
cPanel prior to 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
Cpanel Cpanel
9.1
CVSSv3
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-10119
cPanel prior to 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-10121
cPanel prior to 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »