Vulmon
cpanel cpanel vulnerabilities and exploits
VMScore: 505
CVE-2009-2275
Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote malicious users to read arbitrary files via a .. (dot dot) in the domain parameter.
Cpanel Cpanel
1 EDB exploit
VMScore: 383
CVE-2007-3366
Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the detail...
Cpanel Cpanel
VMScore: 694
CVE-2007-3367
Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the deta...
Cpanel Cpanel
VMScore: 454
CVE-2006-2825
cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script tha...
Cpanel Cpanel
VMScore: 265
CVE-2006-3337
Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 118 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the file parameter.
Cpanel Cpanel
1 EDB exploit
VMScore: 435
CVE-2008-6927
Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote malicious users to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (...
Cpanel Cpanel
1 EDB exploit
VMScore: 445
CVE-2015-9291
cPanel prior to 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
Cpanel Cpanel
VMScore: 516
CVE-2017-18414
cPanel prior to 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).
Cpanel Cpanel
VMScore: 409
CVE-2017-18415
cPanel prior to 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302).
Cpanel Cpanel
VMScore: 320
CVE-2017-18416
cPanel prior to 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303).
Cpanel Cpanel