cpanel

426 tracked vulnerabilities.

CVE-2016-10855 CRITICAL
cPanel 11.48.0.5-11.48.5.2 - Unauthenticated Remote Code Execution via cpsrvd
Aug 01, 2019
CVSS 9.8
EPSS 0.01
CVE-2016-10854 MEDIUM
cPanel 11.48.0.5-11.48.5.2 - Stored Cross-Site Scripting in X3 Entropy Banner Interface
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2016-10853 MEDIUM
cPanel 11.48.0.5-11.48.4.8 - Stored Cross-Site Scripting in WHM Feature Manager Interface
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2016-10852 MEDIUM
cPanel 11.48.0.5-11.48.5.2 - Improper Access Control in AppConfig Subsystem
Aug 01, 2019
CVSS 6.5
EPSS 0.00
CVE-2016-10851 MEDIUM
cPanel 11.48.0.5-11.48.5.2 - Stored Cross-Site Scripting in WHM PHP Configuration Editor
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2016-10850 HIGH
cPanel 11.48.0.5-11.48.5.2 - Remote Code Execution via synccpaddonswithsqlhost Script
Aug 01, 2019
CVSS 8.8
EPSS 0.01
CVE-2015-9291 HIGH
cPanel < 11.52.0.13 - Unauthenticated Arbitrary File Read via get_information_for_applications
Aug 01, 2019
CVSS 7.5
EPSS 0.00
CVE-2012-6449 MEDIUM
cPanel & WHM 11.34.0 - Cross-Site Scripting in clientconf.html and detailbw.html
Feb 10, 2020
CVSS 5.4
EPSS 0.00
CVE-2012-6448 MEDIUM
cPanel WebHost Manager 11.34.0 - Cross-Site Scripting
Jan 27, 2020
CVSS 6.1
EPSS 0.00
CVE-2009-4823
cPanel 11.0-11.24.7 - Cross-Site Scripting via Fileop Parameter
Apr 27, 2010
EPSS 0.02
CVE-2009-2275
cPanel - Path Traversal via Domain Parameter in Last Visit Stats Page
Jul 01, 2009
EPSS 0.01
CVE-2008-7142
cPanel 11.18.3 - Path Traversal via Disk Usage Module showtree Parameter
Sep 01, 2009
EPSS 0.02
CVE-2008-6927
cPanel - Cross-Site Scripting via Fantastico De Luxe Module Parameters
Aug 10, 2009
EPSS 0.04
CVE-2008-6843
Fantastico De Luxe - Path Traversal via sup3r Parameter
Jul 02, 2009
EPSS 0.01
CVE-2008-2478
cPanel < 11.8.6 and < 11.23.1 - Authenticated Remote Code Execution via Email Address Field
May 28, 2008
EPSS 0.06
CVE-2008-2070
cPanel 11.15.0-11.18.3 and 11.22-11.22.2 - Cross-Site Scripting via Malformed HTML Tags
May 12, 2008
EPSS 0.01
CVE-2008-2071
cPanel WHM 11.18-11.18.3 and 11.22-11.22.2 - Cross-Site Request Forgery
May 12, 2008
EPSS 0.00
CVE-2008-2043
cPanel - Cross-Site Request Forgery via Multiple Frontend Endpoints
May 01, 2008
EPSS 0.00
CVE-2008-1499
cPanel 11.18.3 and 11.21.0-BETA - Cross-Site Scripting via Query String
Mar 25, 2008
EPSS 0.02
CVE-2008-0370
cPanel - Cross-Site Scripting via rurl Parameter
Jan 22, 2008
EPSS 0.00
CVE-2007-4022
cPanel 10.9.1 - Cross-Site Scripting via resname Parameter
Jul 26, 2007
EPSS 0.06
CVE-2007-3366
cPanel < 10.9.0_build_10300 - Cross-Site Scripting via URI
Jun 22, 2007
EPSS 0.00
CVE-2007-3367
cPanel <10.9.1-11.4.19-R14378 - Info Disclosure
Jun 22, 2007
EPSS 0.00
CVE-2007-0890
cPanel WebHost Manager 11.0.0 - Cross-Site Scripting via Password Parameter
Feb 12, 2007
EPSS 0.06
CVE-2007-0854
cPanel WebHost Manager - Remote File Inclusion via obj Parameter
Feb 08, 2007
EPSS 0.07
Products
cpanel 417 webhost_manager 5 cgiecho 3 cgiemail 3 whm 3 WHM 1 WP Squared 1 cPanel 1 wp_squared 1
Quick Filters
Critical CVEs With Exploits In CISA KEV