Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2016-10837
cPanel prior to 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
Cpanel Cpanel
8.5
CVSSv2
CVE-2016-10846
cPanel prior to 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79).
Cpanel Cpanel
8.5
CVSSv2
CVE-2008-2478
scripts/wwwacct in cPanel 11.18.6 STABLE and previous versions and 11.23.1 CURRENT and previous versions allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor...
Cpanel Cpanel
1 EDB exploit
7.9
CVSSv2
CVE-2018-20945
bin/csvprocess in cPanel prior to 68.0.27 allows insecure file operations (SEC-354).
Cpanel Cpanel
7.8
CVSSv2
CVE-2007-3367
Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the deta...
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-29472
EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
Egavilanmedia Under Construction Page With Cpanel 1.0
7.5
CVSSv2
CVE-2020-26098
cPanel prior to 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-26100
chsh in cPanel prior to 88.0.3 allows a Jailshell escape (SEC-497).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-26108
cPanel prior to 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
Cpanel Cpanel
7.5
CVSSv2
CVE-2019-20498
cPanel prior to 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »