Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-14410
Maketext in cPanel prior to 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
Cpanel Cpanel
5
CVSSv2
CVE-2019-14411
cPanel prior to 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14412
Maketext in cPanel prior to 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).
Cpanel Cpanel
4
CVSSv2
CVE-2019-14413
cPanel prior to 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476).
Cpanel Cpanel
9
CVSSv2
CVE-2017-18386
cPanel prior to 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).
Cpanel Cpanel
6.5
CVSSv2
CVE-2017-18389
cPanel prior to 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).
Cpanel Cpanel
5.5
CVSSv2
CVE-2017-18398
DnsUtils in cPanel prior to 68.0.15 allows zone creation for hostname and account subdomains (SEC-331).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18401
cPanel prior to 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334).
Cpanel Cpanel
4.9
CVSSv2
CVE-2017-18404
cPanel prior to 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341).
Cpanel Cpanel
3.5
CVSSv2
CVE-2017-18408
cPanel prior to 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »