Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2018-20931
cPanel prior to 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405).
Cpanel Cpanel
2.7
CVSSv3
CVE-2018-20932
cPanel prior to 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
Cpanel Cpanel
6.5
CVSSv3
CVE-2018-20934
cPanel prior to 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411).
Cpanel Cpanel
4.3
CVSSv3
CVE-2018-20937
cPanel prior to 68.0.27 does not validate database and dbuser names during renames (SEC-321).
Cpanel Cpanel
3.3
CVSSv3
CVE-2018-20940
cPanel prior to 68.0.27 allows malicious users to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
Cpanel Cpanel
5.4
CVSSv3
CVE-2019-20491
cPanel prior to 82.0.18 allows malicious users to leverage virtual mail accounts in order to bypass account suspensions (SEC-508).
Cpanel Cpanel
6.5
CVSSv3
CVE-2019-20495
cPanel prior to 82.0.18 allows malicious users to read an arbitrary database via MySQL dump streaming (SEC-531).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-20496
cPanel prior to 82.0.18 allows malicious users to conduct arbitrary chown operations as root during log processing (SEC-532).
Cpanel Cpanel
5.4
CVSSv3
CVE-2019-20497
cPanel prior to 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).
Cpanel Cpanel
9.8
CVSSv3
CVE-2019-20498
cPanel prior to 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »