Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-10116
cPanel prior to 84.0.20 allows malicious users to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
Cpanel Cpanel
9.1
CVSSv3
CVE-2020-10117
cPanel prior to 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
Cpanel Cpanel
6.1
CVSSv3
CVE-2019-20493
cPanel prior to 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-20494
In cPanel prior to 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-20496
cPanel prior to 82.0.18 allows malicious users to conduct arbitrary chown operations as root during log processing (SEC-532).
Cpanel Cpanel
5.4
CVSSv3
CVE-2019-20497
cPanel prior to 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).
Cpanel Cpanel
9.8
CVSSv3
CVE-2019-20498
cPanel prior to 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
Cpanel Cpanel
8.8
CVSSv3
CVE-2019-20490
cPanel prior to 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).
Cpanel Cpanel
6.5
CVSSv3
CVE-2019-20495
cPanel prior to 82.0.18 allows malicious users to read an arbitrary database via MySQL dump streaming (SEC-531).
Cpanel Cpanel
8.8
CVSSv3
CVE-2019-20492
cPanel prior to 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »