Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2016-10805
cPanel prior to 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109).
Cpanel Cpanel
9
CVSSv2
CVE-2016-10809
In cPanel prior to 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114).
Cpanel Cpanel
4
CVSSv2
CVE-2016-10815
cPanel prior to 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).
Cpanel Cpanel
10
CVSSv2
CVE-2016-10817
cPanel prior to 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
Cpanel Cpanel
4
CVSSv2
CVE-2016-10818
cPanel prior to 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124).
Cpanel Cpanel
4
CVSSv2
CVE-2016-10819
In cPanel prior to 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
Cpanel Cpanel
9
CVSSv2
CVE-2016-10820
cPanel prior to 55.9999.141 allows daemons to access their controlling TTYs (SEC-31).
Cpanel Cpanel
3.5
CVSSv2
CVE-2016-10822
cPanel prior to 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).
Cpanel Cpanel
9.3
CVSSv2
CVE-2016-10824
cPanel prior to 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
Cpanel Cpanel
5.5
CVSSv2
CVE-2016-10825
cPanel prior to 55.9999.141 allows malicious users to bypass a Security Policy by faking static documents (SEC-92).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »