Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-14391
cPanel prior to 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14394
cPanel prior to 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14396
API Analytics adminbin in cPanel prior to 80.0.5 allows spoofed insertions of log data (SEC-495).
Cpanel Cpanel
7.2
CVSSv2
CVE-2019-14400
cPanel prior to 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-10113
cPanel prior to 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
3.5
CVSSv2
CVE-2017-18481
cPanel prior to 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).
Cpanel Cpanel
5.5
CVSSv2
CVE-2019-20491
cPanel prior to 82.0.18 allows malicious users to leverage virtual mail accounts in order to bypass account suspensions (SEC-508).
Cpanel Cpanel
4.3
CVSSv2
CVE-2019-20493
cPanel prior to 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-20494
In cPanel prior to 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »