Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel cpanel vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2023_29489
XSS_1312 Mass Scaning vulnerability in Cpanel [XSS] KALI LINUX sudo pip install BeautifulSoup sudo pip install shodan sudo pip install pystyle git clone https://github.com/tucommenceapousser/XSS_1312.git cd XSS_1312 python cve_2023_29489.py TERMUX pkg install BeautifulSoup pkg in...
1 Github repository
NA
CVE-2022-48623
The Cpanel::JSON::XS package prior to 4.33 for Perl performs out-of-bounds accesses in a way that allows malicious users to obtain sensitive information or cause a denial of service.
9.8
CVSSv3
CVE-2022-47532
FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users§ion=cpanel&page=list request.
Filerun Filerun 20220519
6.1
CVSSv3
CVE-2023-29489
An issue exists in cPanel prior to 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Cpanel Cpanel
26 Github repositories
5.5
CVSSv3
CVE-2021-38590
In cPanel prior to 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
Cpanel Cpanel
7.2
CVSSv3
CVE-2021-38584
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows XXE attacks (SEC-585).
Cpanel Cpanel
8.1
CVSSv3
CVE-2021-38588
In cPanel prior to 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587).
Cpanel Cpanel
7.2
CVSSv3
CVE-2021-38585
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows unserialization attacks (SEC-585).
Cpanel Cpanel
4.4
CVSSv3
CVE-2021-38586
In cPanel prior to 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
Cpanel Cpanel
7.5
CVSSv3
CVE-2021-38587
In cPanel prior to 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »