Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-20869
cPanel prior to 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
Cpanel Cpanel
7.8
CVSSv3
CVE-2019-14400
cPanel prior to 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479).
Cpanel Cpanel
7.8
CVSSv3
CVE-2019-14389
cPanel prior to 82.0.2 allows local users to discover the MySQL root password (SEC-510).
Cpanel Cpanel
7.8
CVSSv3
CVE-2017-5613
Format string vulnerability in cgiemail and cgiecho allows remote malicious users to execute arbitrary code via format string specifiers in a template file.
Cpanel Cgiecho -
Cpanel Cgiemail -
7.5
CVSSv3
CVE-2021-38587
In cPanel prior to 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).
Cpanel Cpanel
7.5
CVSSv3
CVE-2021-26266
cPanel prior to 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
Cpanel Cpanel
7.5
CVSSv3
CVE-2021-26267
cPanel prior to 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
Cpanel Cpanel
7.5
CVSSv3
CVE-2020-26103
In cPanel prior to 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
Cpanel Cpanel
7.5
CVSSv3
CVE-2020-26099
cPanel prior to 88.0.3 allows malicious users to bypass the SMTP greylisting protection mechanism (SEC-491).
Cpanel Cpanel
7.5
CVSSv3
CVE-2020-26102
In cPanel prior to 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »