Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel whm vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2018-20938
cPanel prior to 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
Cpanel Cpanel
6.1
CVSSv3
CVE-2018-20950
cPanel prior to 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).
Cpanel Cpanel
6.5
CVSSv3
CVE-2018-20952
cPanel prior to 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
Cpanel Cpanel
6.1
CVSSv3
CVE-2018-20953
cPanel prior to 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
Cpanel Cpanel
5.4
CVSSv3
CVE-2016-10827
cPanel prior to 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).
Cpanel Cpanel
5.5
CVSSv3
CVE-2018-20924
cPanel prior to 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
Cpanel Cpanel
6.7
CVSSv3
CVE-2018-20926
cPanel prior to 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).
Cpanel Cpanel
5.4
CVSSv3
CVE-2018-20935
cPanel prior to 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412).
Cpanel Cpanel
6.7
CVSSv3
CVE-2018-20925
cPanel prior to 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).
Cpanel Cpanel
5.4
CVSSv3
CVE-2018-20933
cPanel prior to 70.0.23 has Stored XSS via an WHM Edit DNS Zone action (SEC-410).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »