Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2070
The WHM interface 11.15.0 for cPanel 11.18 prior to 11.18.4 and 11.22 prior to 11.22.3 allows remote malicious users to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue par...
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.2
3 EDB exploits
NA
CVE-2008-2071
Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 prior to 11.18.4 and 11.22 prior to 11.22.3 allow remote malicious users to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other ...
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.2
5.4
CVSSv3
CVE-2017-11441
The WHM Upload Locale interface in cPanel prior to 56.0.51, 58.x prior to 58.0.52, 60.x prior to 60.0.45, 62.x prior to 62.0.27, 64.x prior to 64.0.33, and 66.x prior to 66.0.2 has XSS via a locale filename, aka SEC-297.
Cpanel Whm
Cpanel Whm 58.0.36
Cpanel Whm 58.0.37
Cpanel Whm 58.0.4
Cpanel Whm 58.0.41
Cpanel Whm 58.0.28
Cpanel Whm 58.0.29
Cpanel Whm 58.0.3
Cpanel Whm 58.0.30
Cpanel Whm 58.0.6
Cpanel Whm 58.0.47
Cpanel Whm 58.0.48
Cpanel Whm 58.0.49
Cpanel Whm 58.0.5
Cpanel Whm 58.0.24
Cpanel Whm 58.0.13
Cpanel Whm 58.0.17
Cpanel Whm 58.0.12
Cpanel Whm 58.0.7
Cpanel Whm 58.0.32
Cpanel Whm 58.0.44
Cpanel Whm 58.0.46
NA
CVE-2005-3505
Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote malicious users to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processe...
Cpanel Cpanel 10.2.0 R82
Cpanel Cpanel 10.6.0 R137
NA
CVE-2008-2043
Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote malicious users to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) fr...
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.19.3
NA
CVE-2008-1499
Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote malicious users to inject arbitrary web script or HTML via the query string.
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.21
1 EDB exploit
NA
CVE-2007-0890
Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the password parameter.
Cpanel Webhost Manager 11
Cpanel Webhost Manager 11.0
Cpanel Webhost Manager 6.4.1
Cpanel Webhost Manager 6.4.2
Cpanel Webhost Manager 9.4.1 R64
Cpanel Webhost Manager 9.9.1 R3
Cpanel Webhost Manager 10.6.0 R137
Cpanel Webhost Manager 10.8.1 113
Cpanel Webhost Manager 10.8.1 Build84
Cpanel Webhost Manager 5.3
Cpanel Webhost Manager 6.0
Cpanel Webhost Manager 8.0
Cpanel Webhost Manager 9.0
Cpanel Webhost Manager 10.8.2 118
Cpanel Webhost Manager 10.9
Cpanel Webhost Manager 6.2
Cpanel Webhost Manager 6.4
Cpanel Webhost Manager 9.1
Cpanel Webhost Manager 9.1.0 R85
Cpanel Webhost Manager 10.2.0 R82
Cpanel Webhost Manager 11 Beta
Cpanel Webhost Manager 5.0
1 EDB exploit
5.4
CVSSv3
CVE-2012-6449
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability.
Cpanel Cpanel 11.34.0
Cpanel Whm 11.34.0
6.5
CVSSv3
CVE-2018-20883
cPanel prior to 74.0.8 allows FTP access during account suspension (SEC-449).
Cpanel Cpanel
6.5
CVSSv3
CVE-2016-10785
cPanel prior to 60.0.25 allows malicious users to discover file contents during file copy operations (SEC-185).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »