Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-20876
cPanel prior to 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).
Cpanel Cpanel
3.3
CVSSv3
CVE-2018-20880
cPanel prior to 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).
Cpanel Cpanel
6.8
CVSSv3
CVE-2018-20882
cPanel prior to 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447).
Cpanel Cpanel
6.5
CVSSv3
CVE-2018-20883
cPanel prior to 74.0.8 allows FTP access during account suspension (SEC-449).
Cpanel Cpanel
5.3
CVSSv3
CVE-2018-20885
cPanel prior to 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).
Cpanel Cpanel
5.3
CVSSv3
CVE-2018-20886
cPanel prior to 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).
Cpanel Cpanel
9.8
CVSSv3
CVE-2018-20887
cPanel prior to 74.0.0 allows SQL injection during database backups (SEC-420).
Cpanel Cpanel
5.5
CVSSv3
CVE-2018-20888
cPanel prior to 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).
Cpanel Cpanel
4.4
CVSSv3
CVE-2018-20889
cPanel prior to 74.0.0 allows certain file-read operations via password file caching (SEC-425).
Cpanel Cpanel
8.8
CVSSv3
CVE-2019-20490
cPanel prior to 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »