Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-14387
cPanel prior to 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506).
Cpanel Cpanel
7.5
CVSSv3
CVE-2019-14388
cPanel prior to 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
Cpanel Cpanel
7.8
CVSSv3
CVE-2019-14389
cPanel prior to 82.0.2 allows local users to discover the MySQL root password (SEC-510).
Cpanel Cpanel
5.4
CVSSv3
CVE-2019-14390
cPanel prior to 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14391
cPanel prior to 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
Cpanel Cpanel
8.8
CVSSv3
CVE-2019-14392
cPanel prior to 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501).
Cpanel Cpanel
5.3
CVSSv3
CVE-2019-14393
cPanel prior to 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-14394
cPanel prior to 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14395
cPanel prior to 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14396
API Analytics adminbin in cPanel prior to 80.0.5 allows spoofed insertions of log data (SEC-495).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »