Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
3.8
CVSSv3
CVE-2017-18398
DnsUtils in cPanel prior to 68.0.15 allows zone creation for hostname and account subdomains (SEC-331).
Cpanel Cpanel
5.5
CVSSv3
CVE-2017-18405
cPanel prior to 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345).
Cpanel Cpanel
7.5
CVSSv3
CVE-2017-18406
cPanel prior to 67.9999.103 allows SQL injection during eximstats processing (SEC-276).
Cpanel Cpanel
2.5
CVSSv3
CVE-2017-18428
In cPanel prior to 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).
Cpanel Cpanel
6.3
CVSSv3
CVE-2017-18439
cPanel prior to 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243).
Cpanel Cpanel
5.3
CVSSv3
CVE-2017-18442
cPanel prior to 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246).
Cpanel Cpanel
5.3
CVSSv3
CVE-2017-18444
cPanel prior to 64.0.21 allows demo accounts to execute SSH API commands (SEC-248).
Cpanel Cpanel
6.1
CVSSv3
CVE-2017-18456
cPanel prior to 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217).
Cpanel Cpanel
7.8
CVSSv3
CVE-2017-18459
cPanel prior to 62.0.17 allows arbitrary code execution during account modification (SEC-220).
Cpanel Cpanel
7.5
CVSSv3
CVE-2017-18462
cPanel prior to 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »