cpanel

426 tracked vulnerabilities.

CVE-2019-14400 HIGH
cPanel <78.0.18 - Privilege Escalation
Jul 30, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-14399 HIGH
cPanel < 78.0.18 - Unsafe File Operations in SSL Certificate Storage
Jul 30, 2019
CVSS 7.1
EPSS 0.00
CVE-2019-14398 HIGH
cPanel < 80.0.5 - Authenticated Remote Code Execution via ajax_maketext_syntax_util.pl
Jul 30, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-14397 MEDIUM
cPanel < 80.0.5 - Unauthenticated Arbitrary File Write via extractfile API1 Call
Jul 30, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-14396 LOW
cPanel < 80.0.5 - Log Data Spoofing via API Analytics adminbin
Jul 30, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-14395 LOW
cPanel < 80.0.5 - Incorrect Permission Assignment for Queueprocd Log
Jul 30, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-14394 MEDIUM
cPanel <80.0.5 - Privilege Escalation
Jul 30, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-14393 MEDIUM
cPanel < 80.0.5 - Local Code Execution via Insecure cpphp Execution
Jul 30, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-14392 HIGH
cPanel < 80.0.22 - Remote Code Execution via Incorrect URI Dispatching
Jul 30, 2019
CVSS 8.8
EPSS 0.03
CVE-2019-14391 LOW
cPanel <82.0.2 - Privilege Escalation
Jul 30, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-14390 MEDIUM
cPanel < 82.0.2 - Stored Cross-Site Scripting in WHM Modify Account Interface
Jul 30, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-14389 HIGH
cPanel < 82.0.2 - Local MySQL Root Password Exposure
Jul 30, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-14388 HIGH
cpanel < 82.0.2 - Unauthenticated Arbitrary File Creation via Exim Log Parsing
Jul 30, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-14387 MEDIUM
cPanel < 82.0.2 - Self Cross-Site Scripting in Master Templates
Jul 30, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-14386 MEDIUM
cPanel < 82.0.2 - Stored Cross-Site Scripting in WHM Tomcat Manager Interface
Jul 30, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20953 MEDIUM
cPanel 61.9999.55-62.0.39 - Stored Cross-Site Scripting in WHM Listips Interface
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20952 MEDIUM
cPanel 61.9999.55-62.0.39 - Unauthorized Sensitive Information Exposure via WHM Apache Includes Editor
Aug 01, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-20951 MEDIUM
cPanel 61.9999.55-62.0.38 - Stored Cross-Site Scripting in WHM Spamd Startup Config
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20950 MEDIUM
cPanel 61.9999.55-62.0.38 - Stored Cross-Site Scripting in WHM Account Transfer
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20949 MEDIUM
cPanel 61.9999.55-62.0.38 - Stored Cross-Site Scripting in WHM Apache Configuration Include Editor
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20948 MEDIUM
cPanel 61.9999.55-62.0.38 - Stored Cross-Site Scripting in Backup Restoration
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20947 MEDIUM
cPanel 61.9999.55-62.0.39 - Unauthenticated Arbitrary File Write via telnetcrt Script
Aug 01, 2019
CVSS 5.5
EPSS 0.00
CVE-2018-20946 LOW
cPanel < 62.0.39 - Unauthorized Zone Information Exposure via Archive Sync Script
Aug 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2018-20945 MEDIUM
cPanel 61.9999.55-62.0.38 - Improper Authorization in csvprocess
Aug 01, 2019
CVSS 5.7
EPSS 0.00
CVE-2018-20944 LOW
cPanel 61.9999.55-62.0.38 - Unauthorized Sensitive Information Exposure via httpd.conf Syntax Test
Aug 01, 2019
CVSS 3.3
EPSS 0.00
Products
cpanel 417 webhost_manager 5 cgiecho 3 cgiemail 3 whm 3 WHM 1 WP Squared 1 cPanel 1 wp_squared 1
Quick Filters
Critical CVEs With Exploits In CISA KEV