Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-10119
cPanel prior to 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Cpanel Cpanel
7.2
CVSSv3
CVE-2020-10120
cPanel prior to 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-10121
cPanel prior to 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).
Cpanel Cpanel
6.1
CVSSv3
CVE-2017-18456
cPanel prior to 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217).
Cpanel Cpanel
7.8
CVSSv3
CVE-2017-18459
cPanel prior to 62.0.17 allows arbitrary code execution during account modification (SEC-220).
Cpanel Cpanel
7.8
CVSSv3
CVE-2017-18460
cPanel prior to 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221).
Cpanel Cpanel
7.8
CVSSv3
CVE-2019-14400
cPanel prior to 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479).
Cpanel Cpanel
4.3
CVSSv3
CVE-2019-14403
cPanel prior to 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-14404
cPanel prior to 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
Cpanel Cpanel
7.5
CVSSv3
CVE-2015-9291
cPanel prior to 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »