Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2071
Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 prior to 11.18.4 and 11.22 prior to 11.22.3 allow remote malicious users to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other ...
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.2
NA
CVE-2003-0521
Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote malicious users to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors...
Cpanel Cpanel 6.4
Cpanel Cpanel 5.3
Cpanel Cpanel 5.0
Cpanel Cpanel 6.0
Cpanel Cpanel 6.4.1
Cpanel Cpanel 6.4.2 Stable 48
Cpanel Cpanel 6.4.2
Cpanel Cpanel 6.2
1 EDB exploit
5.4
CVSSv3
CVE-2017-11441
The WHM Upload Locale interface in cPanel prior to 56.0.51, 58.x prior to 58.0.52, 60.x prior to 60.0.45, 62.x prior to 62.0.27, 64.x prior to 64.0.33, and 66.x prior to 66.0.2 has XSS via a locale filename, aka SEC-297.
Cpanel Whm
Cpanel Whm 58.0.34
Cpanel Whm 58.0.43
Cpanel Whm 58.0.19
Cpanel Whm 58.0.4
Cpanel Whm 58.0.46
Cpanel Whm 58.0.27
Cpanel Whm 58.0.45
Cpanel Whm 58.0.29
Cpanel Whm 58.0.24
Cpanel Whm 58.0.50
Cpanel Whm 58.0.17
Cpanel Whm 58.0.49
Cpanel Whm 58.0.48
Cpanel Whm 58.0.32
Cpanel Whm 58.0.28
Cpanel Whm 58.0.47
Cpanel Whm 58.0.7
Cpanel Whm 58.0.13
Cpanel Whm 58.0.11
Cpanel Whm 58.0.51
Cpanel Whm 58.0.23
NA
CVE-2008-2043
Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote malicious users to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) fr...
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.19.3
NA
CVE-2008-1499
Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote malicious users to inject arbitrary web script or HTML via the query string.
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.21
1 EDB exploit
NA
CVE-2005-3505
Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote malicious users to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processe...
Cpanel Cpanel 10.2.0 R82
Cpanel Cpanel 10.6.0 R137
NA
CVE-2007-0890
Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the password parameter.
Cpanel Webhost Manager 6.4
Cpanel Webhost Manager 7.0
Cpanel Webhost Manager 9.1.0 R85
Cpanel Webhost Manager 8.0
Cpanel Webhost Manager 9.4.1 R64
Cpanel Webhost Manager 11
Cpanel Webhost Manager 10.2.0 R82
Cpanel Webhost Manager 6.4.1
Cpanel Webhost Manager 6.2
Cpanel Webhost Manager 10.6.0 R137
Cpanel Webhost Manager 5.0
Cpanel Webhost Manager 10.8.1 Build84
Cpanel Webhost Manager 9.0
Cpanel Webhost Manager 9.1
Cpanel Webhost Manager 10.8.2 118
Cpanel Webhost Manager 6.4.2 Stable 48
Cpanel Webhost Manager 5.3
Cpanel Webhost Manager 6.0
Cpanel Webhost Manager 11.0
Cpanel Webhost Manager 10.9
Cpanel Webhost Manager 10.8.1 113
Cpanel Webhost Manager 11 Beta
1 EDB exploit
5.4
CVSSv3
CVE-2012-6449
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability.
Cpanel Whm 11.34.0
Cpanel Cpanel 11.34.0
7.5
CVSSv3
CVE-2015-9291
cPanel prior to 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
Cpanel Cpanel
5.5
CVSSv3
CVE-2017-18385
cPanel prior to 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »