Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-26098
cPanel prior to 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26101
In cPanel prior to 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26106
cPanel prior to 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-26110
cPanel prior to 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-26113
cPanel prior to 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-26115
cPanel prior to 90.0.10 allows self XSS via the Cron Editor interface (SEC-574).
Cpanel Cpanel
5
CVSSv2
CVE-2020-12784
cPanel prior to 86.0.14 allows remote malicious users to trigger a bandwidth suspension via mail log strings (SEC-505).
Cpanel Cpanel
5.5
CVSSv2
CVE-2020-12785
cPanel prior to 86.0.14 allows malicious users to obtain access to the current working directory via the account backup feature (SEC-540).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-20494
In cPanel prior to 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
Cpanel Cpanel
3.5
CVSSv2
CVE-2019-20497
cPanel prior to 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »