Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-18469
cPanel prior to 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233).
Cpanel Cpanel
3.5
CVSSv2
CVE-2017-18471
cPanel prior to 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197).
Cpanel Cpanel
3.5
CVSSv2
CVE-2017-18473
cPanel prior to 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199).
Cpanel Cpanel
6.5
CVSSv2
CVE-2017-18475
In cPanel prior to 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18477
In cPanel prior to 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18478
In cPanel prior to 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18480
cPanel prior to 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18482
cPanel prior to 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
Cpanel Cpanel
6.5
CVSSv2
CVE-2016-10816
cPanel prior to 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121).
Cpanel Cpanel
10
CVSSv2
CVE-2016-10817
cPanel prior to 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »