Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-14387
cPanel prior to 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506).
Cpanel Cpanel
5
CVSSv2
CVE-2019-14388
cPanel prior to 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
Cpanel Cpanel
3.5
CVSSv2
CVE-2019-14390
cPanel prior to 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14391
cPanel prior to 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
Cpanel Cpanel
4.6
CVSSv2
CVE-2019-14393
cPanel prior to 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486).
Cpanel Cpanel
2.1
CVSSv2
CVE-2019-14396
API Analytics adminbin in cPanel prior to 80.0.5 allows spoofed insertions of log data (SEC-495).
Cpanel Cpanel
5
CVSSv2
CVE-2019-14397
cPanel prior to 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496).
Cpanel Cpanel
6.5
CVSSv2
CVE-2019-14398
cPanel prior to 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498).
Cpanel Cpanel
6.1
CVSSv2
CVE-2019-14399
The SSL certificate-storage feature in cPanel prior to 78.0.18 allows unsafe file operations in the context of the root account (SEC-477).
Cpanel Cpanel
6.5
CVSSv2
CVE-2019-14401
cPanel prior to 78.0.18 allows code execution via an addforward API1 call (SEC-480).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »