Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel whm vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2018-20938
cPanel prior to 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
Cpanel Cpanel
6.5
CVSSv3
CVE-2018-20952
cPanel prior to 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
Cpanel Cpanel
4.9
CVSSv3
CVE-2017-18464
cPanel prior to 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226).
Cpanel Cpanel
6.5
CVSSv3
CVE-2017-18479
In cPanel prior to 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209).
Cpanel Cpanel
5.4
CVSSv3
CVE-2016-10776
cPanel prior to 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
Cpanel Cpanel
4.9
CVSSv3
CVE-2018-20913
cPanel prior to 70.0.23 allows malicious users to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364).
Cpanel Cpanel
5.5
CVSSv3
CVE-2018-20924
cPanel prior to 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
Cpanel Cpanel
6.7
CVSSv3
CVE-2018-20925
cPanel prior to 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).
Cpanel Cpanel
5.4
CVSSv3
CVE-2018-20935
cPanel prior to 70.0.23 allows stored XSS in via a WHM "Reset a DNS Zone" action (SEC-412).
Cpanel Cpanel
6.5
CVSSv3
CVE-2017-18482
cPanel prior to 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »