Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-38590
In cPanel prior to 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
Cpanel Cpanel
6.1
CVSSv3
CVE-2021-31803
cPanel prior to 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581).
7.5
CVSSv3
CVE-2021-26266
cPanel prior to 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
Cpanel Cpanel
7.5
CVSSv3
CVE-2021-26267
cPanel prior to 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-29472
EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
Egavilanmedia Under Construction Page With Cpanel 1.0
4.1
CVSSv3
CVE-2020-29135
cPanel prior to 90.0.17 has multiple instances of URL parameter injection (SEC-567).
Cpanel Cpanel
6.1
CVSSv3
CVE-2020-29137
cPanel prior to 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577).
Cpanel Cpanel
6.5
CVSSv3
CVE-2020-29136
In cPanel prior to 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-26100
chsh in cPanel prior to 88.0.3 allows a Jailshell escape (SEC-497).
Cpanel Cpanel
7.5
CVSSv3
CVE-2020-26107
cPanel prior to 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »