Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-18471
cPanel prior to 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).
Cpanel Cpanel
6.5
CVSSv2
CVE-2017-18475
In cPanel prior to 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18478
In cPanel prior to 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18482
cPanel prior to 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-10114
cPanel prior to 84.0.20 allows stored self-XSS via the HTML file editor (SEC-535).
Cpanel Cpanel
5
CVSSv2
CVE-2020-10116
cPanel prior to 84.0.20 allows malicious users to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26099
cPanel prior to 88.0.3 allows malicious users to bypass the SMTP greylisting protection mechanism (SEC-491).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-26108
cPanel prior to 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26112
The email quota cache in cPanel prior to 90.0.10 allows overwriting of files.
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »