cpanel

426 tracked vulnerabilities.

CVE-2006-6548
cPanel WebHost Manager 3.1.0 - Authenticated Cross-Site Scripting via Domain Parameter
Dec 14, 2006
EPSS 0.00
CVE-2006-6523
cPanel 11 - Cross-Site Scripting via BoxTrapper Account Parameter
Dec 14, 2006
EPSS 0.06
CVE-2006-6198
cPanel WebHost Manager 3.1.0 - Authenticated Cross-Site Scripting via Multiple Parameters
Dec 01, 2006
EPSS 0.01
CVE-2006-5883
cPanel 10 - Authenticated Cross-Site Scripting via dir Parameter in seldir.html and user/dir Parameters in newuser.html
Nov 14, 2006
EPSS 0.01
CVE-2006-5535
cpanel - Cross-Site Scripting via Theme and Template Parameters
Oct 26, 2006
EPSS 0.01
CVE-2006-5014 HIGH
cPanel <10.9.0 - Privilege Escalation
Sep 27, 2006
CVSS 8.8
EPSS 0.03
CVE-2006-4293
cPanel 10 - Cross-Site Scripting via dir Parameter in dohtaccess.html or file Parameter in editit.html/showfile.html
Aug 22, 2006
EPSS 0.02
CVE-2006-3337
cPanel < 10.8.2_current_118 - Cross-Site Scripting via File Parameter
Jul 03, 2006
EPSS 0.01
CVE-2006-2825
cPanel - open_basedir Restriction Bypass via Shared Directory Configuration
Jun 05, 2006
EPSS 0.00
CVE-2006-0763
cPanel - Cross-Site Scripting via dowebmailforward.cgi fwd Parameter
Feb 18, 2006
EPSS 0.00
CVE-2006-0573
cPanel <= 10 - Cross-Site Scripting via Multiple Parameters
Feb 07, 2006
EPSS 0.01
CVE-2006-0574
cPanel 10 - Cross-Site Scripting via MIME Handler File Extension or MIME-Type
Feb 07, 2006
EPSS 0.01
CVE-2006-0533
cPanel - Cross-Site Scripting via webmailaging.cgi numdays Parameter
Feb 04, 2006
EPSS 0.01
CVE-2005-3505
cPanel 10.2.0-R82 and 10.6.0-R137 - Cross-Site Scripting via Entropy Chat Message Style Attributes
Nov 05, 2005
EPSS 0.01
CVE-2005-2021
cPanel <= 9.1 - Cross-Site Scripting via Login Page User Parameter
Jun 20, 2005
EPSS 0.00
CVE-2004-2308
cPanel 9.1.0 - Cross-Site Scripting via dir Parameter in dohtaccess.html
Dec 31, 2004
EPSS 0.01
CVE-2004-1603 MEDIUM
cPanel 9.4.1-RELEASE-64 - Arbitrary File Read and Chown via Hard Link Following
Oct 18, 2004
CVSS 5.5
EPSS 0.00
CVE-2004-1604
cPanel 9.9.1-RELEASE-3 - Privilege Escalation
Sep 30, 2004
EPSS 0.00
CVE-2004-0490
cPanel - Local Privilege Escalation via PHP Script Path Manipulation
Aug 18, 2004
EPSS 0.05
CVE-2004-1875
cPanel 9.1.0-R85 - Cross-Site Scripting via Multiple Parameters
Mar 30, 2004
EPSS 0.09
CVE-2004-1849
cPanel 9.1.0 - Cross-Site Scripting via Email Parameter or Handle Parameter
Mar 24, 2004
EPSS 0.01
CVE-2004-1769
cPanel <= 9.1.0 build 34 - Remote Code Execution via Reset Password User Parameter
Mar 11, 2004
EPSS 0.05
CVE-2004-1770
cPanel 9.1.0 - Remote Code Execution via Login Page User Parameter
Mar 11, 2004
EPSS 0.12
CVE-2003-1425
cPanel 5.0 - Remote Code Execution via Guestbook.cgi Template Parameter
Dec 31, 2003
EPSS 0.04
CVE-2003-1426
cPanel 5.0 - Local Arbitrary Code Execution via SCRIPT_FILENAME Environment Variable
Dec 31, 2003
EPSS 0.00
Products
cpanel 417 webhost_manager 5 cgiecho 3 cgiemail 3 whm 3 WHM 1 WP Squared 1 cPanel 1 wp_squared 1
Quick Filters
Critical CVEs With Exploits In CISA KEV