Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-14409
cPanel prior to 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14410
Maketext in cPanel prior to 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
Cpanel Cpanel
5.3
CVSSv3
CVE-2019-14411
cPanel prior to 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473).
Cpanel Cpanel
3.3
CVSSv3
CVE-2019-14412
Maketext in cPanel prior to 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).
Cpanel Cpanel
4.3
CVSSv3
CVE-2019-14413
cPanel prior to 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476).
Cpanel Cpanel
7.2
CVSSv3
CVE-2021-38585
The WHM Locale Upload feature in cPanel prior to 98.0.1 allows unserialization attacks (SEC-585).
Cpanel Cpanel
4.4
CVSSv3
CVE-2021-38586
In cPanel prior to 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
Cpanel Cpanel
8.1
CVSSv3
CVE-2021-38588
In cPanel prior to 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587).
Cpanel Cpanel
8.1
CVSSv3
CVE-2021-38589
In cPanel prior to 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588).
Cpanel Cpanel
NA
CVE-2006-0533
Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote malicious users to inject arbitrary web script or HTML via the numdays parameter.
Cpanel Cpanel -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »