Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-18480
cPanel prior to 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
Cpanel Cpanel
3.5
CVSSv2
CVE-2017-18481
cPanel prior to 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18482
cPanel prior to 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213).
Cpanel Cpanel
4.3
CVSSv2
CVE-2018-16236
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
Cpanel Cpanel
3.5
CVSSv2
CVE-2020-29135
cPanel prior to 90.0.17 has multiple instances of URL parameter injection (SEC-567).
Cpanel Cpanel
5
CVSSv2
CVE-2015-9291
cPanel prior to 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
Cpanel Cpanel
3.5
CVSSv2
CVE-2016-10767
cPanel prior to 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
Cpanel Cpanel
5.5
CVSSv2
CVE-2016-10768
cPanel prior to 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).
Cpanel Cpanel
5.8
CVSSv2
CVE-2016-10769
cPanel prior to 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).
Cpanel Cpanel
2.1
CVSSv2
CVE-2016-10772
cPanel prior to 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »