Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-20498
cPanel prior to 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
Cpanel Cpanel
9
CVSSv2
CVE-2020-10115
cPanel prior to 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
9
CVSSv2
CVE-2020-10120
cPanel prior to 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10122
cPanel prior to 84.0.20 allows a webmail or demo account to delete arbitrary files (SEC-547).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-10114
cPanel prior to 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10117
cPanel prior to 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-10113
cPanel prior to 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).
Cpanel Cpanel
5
CVSSv2
CVE-2020-10116
cPanel prior to 84.0.20 allows malicious users to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-10119
cPanel prior to 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »