Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-18471
cPanel prior to 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).
Cpanel Cpanel
4.3
CVSSv2
CVE-2018-16236
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
Cpanel Cpanel
4.3
CVSSv2
CVE-2021-31803
cPanel prior to 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581).
Cpanel Cpanel
3.5
CVSSv2
CVE-2020-29135
cPanel prior to 90.0.17 has multiple instances of URL parameter injection (SEC-567).
Cpanel Cpanel
4
CVSSv2
CVE-2020-29136
In cPanel prior to 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
Cpanel Cpanel
2.1
CVSSv2
CVE-2018-20862
cPanel prior to 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
Cpanel Cpanel
4.3
CVSSv2
CVE-2018-20865
cPanel prior to 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459).
Cpanel Cpanel
5.8
CVSSv2
CVE-2018-20867
cPanel prior to 76.0.8 has an open redirect when resetting connections (SEC-462).
Cpanel Cpanel
7.2
CVSSv2
CVE-2018-20869
cPanel prior to 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
Cpanel Cpanel
3.5
CVSSv2
CVE-2018-20874
cPanel prior to 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »