Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-20493
cPanel prior to 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-20494
In cPanel prior to 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
Cpanel Cpanel
4
CVSSv2
CVE-2019-20495
cPanel prior to 82.0.18 allows malicious users to read an arbitrary database via MySQL dump streaming (SEC-531).
Cpanel Cpanel
3.5
CVSSv2
CVE-2019-20497
cPanel prior to 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-10114
cPanel prior to 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535).
Cpanel Cpanel
9
CVSSv2
CVE-2020-10115
cPanel prior to 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).
Cpanel Cpanel
5
CVSSv2
CVE-2020-10116
cPanel prior to 84.0.20 allows malicious users to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10117
cPanel prior to 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-10119
cPanel prior to 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-10121
cPanel prior to 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »