Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2016-10849
cPanel prior to 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).
Cpanel Cpanel
312
VMScore
CVE-2016-10851
cPanel prior to 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84).
Cpanel Cpanel
890
VMScore
CVE-2016-10855
cPanel prior to 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
Cpanel Cpanel
828
VMScore
CVE-2016-10858
cPanel prior to 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
Cpanel Cpanel
187
VMScore
CVE-2019-14391
cPanel prior to 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
Cpanel Cpanel
578
VMScore
CVE-2021-38585
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows unserialization attacks (SEC-585).
Cpanel Cpanel
187
VMScore
CVE-2021-38586
In cPanel prior to 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
Cpanel Cpanel
605
VMScore
CVE-2021-38588
In cPanel prior to 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587).
Cpanel Cpanel
187
VMScore
CVE-2021-38590
In cPanel prior to 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
Cpanel Cpanel
NA
CVE-2023-29489
An issue exists in cPanel prior to 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Cpanel Cpanel
22 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »