Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-26101
In cPanel prior to 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26103
In cPanel prior to 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26104
In cPanel prior to 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26106
cPanel prior to 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26107
cPanel prior to 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26109
cPanel prior to 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557).
Cpanel Cpanel
5
CVSSv2
CVE-2020-26112
The email quota cache in cPanel prior to 90.0.10 allows overwriting of files.
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-26113
cPanel prior to 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569).
Cpanel Cpanel
4.3
CVSSv2
CVE-2020-26115
cPanel prior to 90.0.10 allows self XSS via the Cron Editor interface (SEC-574).
Cpanel Cpanel
4.3
CVSSv2
CVE-2018-16236
cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »