Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-10833
cPanel prior to 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
Cpanel Cpanel
NA
CVE-2007-3366
Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the detail...
Cpanel Cpanel
NA
CVE-2007-3367
Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the deta...
Cpanel Cpanel
6.1
CVSSv3
CVE-2019-14387
cPanel prior to 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506).
Cpanel Cpanel
7.8
CVSSv3
CVE-2019-14389
cPanel prior to 82.0.2 allows local users to discover the MySQL root password (SEC-510).
Cpanel Cpanel
5.4
CVSSv3
CVE-2019-14390
cPanel prior to 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512).
Cpanel Cpanel
8.8
CVSSv3
CVE-2019-14392
cPanel prior to 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501).
Cpanel Cpanel
5.3
CVSSv3
CVE-2019-14393
cPanel prior to 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-14394
cPanel prior to 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14395
cPanel prior to 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »