Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-20495
cPanel prior to 82.0.18 allows malicious users to read an arbitrary database via MySQL dump streaming (SEC-531).
Cpanel Cpanel
4.3
CVSSv2
CVE-2019-14387
cPanel prior to 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506).
Cpanel Cpanel
5
CVSSv2
CVE-2019-14388
cPanel prior to 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14389
cPanel prior to 82.0.2 allows local users to discover the MySQL root password (SEC-510).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14391
cPanel prior to 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
Cpanel Cpanel
4.6
CVSSv2
CVE-2019-14393
cPanel prior to 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14396
API Analytics adminbin in cPanel prior to 80.0.5 allows spoofed insertions of log data (SEC-495).
Cpanel Cpanel
4.3
CVSSv2
CVE-2019-14406
cPanel prior to 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493).
Cpanel Cpanel
5
CVSSv2
CVE-2019-14411
cPanel prior to 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473).
Cpanel Cpanel
4
CVSSv2
CVE-2019-14413
cPanel prior to 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »