Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2017-18395
cPanel prior to 68.0.15 does not block a username of ssl (SEC-328).
Cpanel Cpanel
3.7
CVSSv3
CVE-2017-18399
cPanel prior to 68.0.15 allows malicious users to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332).
Cpanel Cpanel
2.7
CVSSv3
CVE-2017-18401
cPanel prior to 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334).
Cpanel Cpanel
7.8
CVSSv3
CVE-2018-20862
cPanel prior to 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
Cpanel Cpanel
6.5
CVSSv3
CVE-2018-20864
cPanel prior to 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454).
Cpanel Cpanel
6.1
CVSSv3
CVE-2018-20867
cPanel prior to 76.0.8 has an open redirect when resetting connections (SEC-462).
Cpanel Cpanel
7.8
CVSSv3
CVE-2018-20869
cPanel prior to 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
Cpanel Cpanel
3.3
CVSSv3
CVE-2018-20873
cPanel prior to 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
Cpanel Cpanel
5.4
CVSSv3
CVE-2018-20874
cPanel prior to 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).
Cpanel Cpanel
5.4
CVSSv3
CVE-2018-20875
cPanel prior to 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433).
Cpanel Cpanel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »