Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-2071
Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 prior to 11.18.4 and 11.22 prior to 11.22.3 allow remote malicious users to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other ...
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.2
6.8
CVSSv2
CVE-2003-0521
Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote malicious users to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors...
Cpanel Cpanel 6.4
Cpanel Cpanel 5.3
Cpanel Cpanel 5.0
Cpanel Cpanel 6.0
Cpanel Cpanel 6.4.1
Cpanel Cpanel 6.4.2 Stable 48
Cpanel Cpanel 6.4.2
Cpanel Cpanel 6.2
1 EDB exploit
3.5
CVSSv2
CVE-2017-11441
The WHM Upload Locale interface in cPanel prior to 56.0.51, 58.x prior to 58.0.52, 60.x prior to 60.0.45, 62.x prior to 62.0.27, 64.x prior to 64.0.33, and 66.x prior to 66.0.2 has XSS via a locale filename, aka SEC-297.
Cpanel Whm
Cpanel Whm 58.0.34
Cpanel Whm 58.0.43
Cpanel Whm 58.0.19
Cpanel Whm 58.0.4
Cpanel Whm 58.0.46
Cpanel Whm 58.0.27
Cpanel Whm 58.0.45
Cpanel Whm 58.0.29
Cpanel Whm 58.0.24
Cpanel Whm 58.0.50
Cpanel Whm 58.0.17
Cpanel Whm 58.0.49
Cpanel Whm 58.0.48
Cpanel Whm 58.0.32
Cpanel Whm 58.0.28
Cpanel Whm 58.0.47
Cpanel Whm 58.0.7
Cpanel Whm 58.0.13
Cpanel Whm 58.0.11
Cpanel Whm 58.0.51
Cpanel Whm 58.0.23
4.3
CVSSv2
CVE-2008-2043
Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote malicious users to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) fr...
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.19.3
4.3
CVSSv2
CVE-2008-1499
Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote malicious users to inject arbitrary web script or HTML via the query string.
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.21
1 EDB exploit
4.3
CVSSv2
CVE-2005-3505
Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote malicious users to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processe...
Cpanel Cpanel 10.2.0 R82
Cpanel Cpanel 10.6.0 R137
4.3
CVSSv2
CVE-2007-0890
Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the password parameter.
Cpanel Webhost Manager 6.4
Cpanel Webhost Manager 7.0
Cpanel Webhost Manager 9.1.0 R85
Cpanel Webhost Manager 8.0
Cpanel Webhost Manager 9.4.1 R64
Cpanel Webhost Manager 11
Cpanel Webhost Manager 10.2.0 R82
Cpanel Webhost Manager 6.4.1
Cpanel Webhost Manager 6.2
Cpanel Webhost Manager 10.6.0 R137
Cpanel Webhost Manager 5.0
Cpanel Webhost Manager 10.8.1 Build84
Cpanel Webhost Manager 9.0
Cpanel Webhost Manager 9.1
Cpanel Webhost Manager 10.8.2 118
Cpanel Webhost Manager 6.4.2 Stable 48
Cpanel Webhost Manager 5.3
Cpanel Webhost Manager 6.0
Cpanel Webhost Manager 11.0
Cpanel Webhost Manager 10.9
Cpanel Webhost Manager 10.8.1 113
Cpanel Webhost Manager 11 Beta
1 EDB exploit
3.5
CVSSv2
CVE-2012-6449
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability.
Cpanel Whm 11.34.0
Cpanel Cpanel 11.34.0
NA
CVE-2023-29489
An issue exists in cPanel prior to 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Cpanel Cpanel
26 Github repositories
3.5
CVSSv2
CVE-2019-20497
cPanel prior to 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »