Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-10817
cPanel prior to 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
Cpanel Cpanel
9.8
CVSSv3
CVE-2016-10824
cPanel prior to 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
Cpanel Cpanel
9.8
CVSSv3
CVE-2016-10855
cPanel prior to 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
Cpanel Cpanel
9.8
CVSSv3
CVE-2016-10858
cPanel prior to 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
Cpanel Cpanel
9.8
CVSSv3
CVE-2018-20887
cPanel prior to 74.0.0 allows SQL injection during database backups (SEC-420).
Cpanel Cpanel
9.8
CVSSv3
CVE-2018-20863
cPanel prior to 76.0.8 allows remote malicious users to execute arbitrary code via mailing-list attachments (SEC-452).
Cpanel Cpanel
9.8
CVSSv3
CVE-2017-1000501
Awstats version 7.6 and previous versions is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
Awstats Awstats
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2009-2168
cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and previous versions sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote malicious users to bypass authentication by providing arbitrary username and password pa...
Egyplus 7ammel
1 EDB exploit
9.1
CVSSv3
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
9.1
CVSSv3
CVE-2020-10117
cPanel prior to 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »