Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2018-20891
cPanel prior to 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).
Cpanel Cpanel
6.5
CVSSv2
CVE-2018-20895
In cPanel prior to 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393).
Cpanel Cpanel
2.1
CVSSv2
CVE-2018-20902
cPanel prior to 71.9980.37 allows malicious users to read root's crontab file by leveraging ClamAV installation (SEC-408).
Cpanel Cpanel
3.6
CVSSv2
CVE-2018-20909
cPanel prior to 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338).
Cpanel Cpanel
6.5
CVSSv2
CVE-2018-20912
cPanel prior to 70.0.23 allows demo accounts to execute code via awstats (SEC-362).
Cpanel Cpanel
3.5
CVSSv2
CVE-2018-20916
cPanel prior to 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370).
Cpanel Cpanel
4.3
CVSSv2
CVE-2018-20920
cPanel prior to 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374).
Cpanel Cpanel
5.8
CVSSv2
CVE-2018-20929
cPanel prior to 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392).
Cpanel Cpanel
2.1
CVSSv2
CVE-2018-20936
cPanel prior to 68.0.27 allows malicious users to read the SRS secret via exim.conf (SEC-308).
Cpanel Cpanel
4
CVSSv2
CVE-2018-20938
cPanel prior to 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »