Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-38590
In cPanel prior to 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
Cpanel Cpanel
4.3
CVSSv2
CVE-2021-31803
cPanel prior to 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581).
5
CVSSv2
CVE-2021-26266
cPanel prior to 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
Cpanel Cpanel
5
CVSSv2
CVE-2021-26267
cPanel prior to 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-29472
EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
Egavilanmedia Under Construction Page With Cpanel 1.0
3.5
CVSSv2
CVE-2020-29135
cPanel prior to 90.0.17 has multiple instances of URL parameter injection (SEC-567).
Cpanel Cpanel
4
CVSSv2
CVE-2020-29136
In cPanel prior to 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-29137
cPanel prior to 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-26098
cPanel prior to 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26099
cPanel prior to 88.0.3 allows malicious users to bypass the SMTP greylisting protection mechanism (SEC-491).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »