Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2016-10818
cPanel prior to 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124).
Cpanel Cpanel
4
CVSSv2
CVE-2016-10819
In cPanel prior to 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
Cpanel Cpanel
6.5
CVSSv2
CVE-2021-38585
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows unserialization attacks (SEC-585).
Cpanel Cpanel
5.5
CVSSv2
CVE-2021-38589
In cPanel prior to 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588).
Cpanel Cpanel
NA
CVE-2023-29489
An issue exists in cPanel prior to 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Cpanel Cpanel
26 Github repositories
2.1
CVSSv2
CVE-2019-14395
cPanel prior to 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
Cpanel Cpanel
6.5
CVSSv2
CVE-2019-14398
cPanel prior to 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498).
Cpanel Cpanel
6.5
CVSSv2
CVE-2019-14401
cPanel prior to 78.0.18 allows code execution via an addforward API1 call (SEC-480).
Cpanel Cpanel
8.5
CVSSv2
CVE-2008-2478
scripts/wwwacct in cPanel 11.18.6 STABLE and previous versions and 11.23.1 CURRENT and previous versions allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor...
Cpanel Cpanel
1 EDB exploit
4.3
CVSSv2
CVE-2007-3366
Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel prior to 10.9.1, and 11.x prior to 11.4.19-R14378, allows remote malicious users to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the detail...
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »