Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-10853
cPanel prior to 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86).
Cpanel Cpanel
3.5
CVSSv2
CVE-2016-10854
cPanel prior to 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87).
Cpanel Cpanel
10
CVSSv2
CVE-2016-10855
cPanel prior to 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
Cpanel Cpanel
4
CVSSv2
CVE-2016-10856
cPanel prior to 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).
Cpanel Cpanel
4
CVSSv2
CVE-2016-10857
cPanel prior to 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).
Cpanel Cpanel
5.5
CVSSv2
CVE-2016-10860
cPanel prior to 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).
Cpanel Cpanel
5
CVSSv2
CVE-2020-10116
cPanel prior to 84.0.20 allows malicious users to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
Cpanel Cpanel
6.4
CVSSv2
CVE-2020-10118
cPanel prior to 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel Cpanel
7.5
CVSSv2
CVE-2020-10119
cPanel prior to 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Cpanel Cpanel
9
CVSSv2
CVE-2020-10120
cPanel prior to 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »