cpanel

426 tracked vulnerabilities.

CVE-2018-20943 LOW
cPanel 61.9999.55-62.0.39 - Unauthorized Sensitive Information Exposure via Root Crontab File
Aug 01, 2019
CVSS 2.5
EPSS 0.00
CVE-2018-20942 LOW
cPanel 61.9999.55-62.0.39 - Unauthorized Root Crontab File Exposure
Aug 01, 2019
CVSS 2.5
EPSS 0.00
CVE-2018-20941 MEDIUM
cPanel < 68.0.27 - Unauthenticated Arbitrary File Read via Restore Adminbin
Aug 01, 2019
CVSS 5.6
EPSS 0.00
CVE-2018-20940 LOW
cPanel < 62.0.39 - Unauthenticated Root Crontab File Exposure via Backup Enablement
Aug 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2018-20939 LOW
cPanel < 62.0.39 - Unauthorized Directory Contents Exposure via Backup Feature
Aug 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2018-20938 LOW
cPanel 67.9999.64-68.0.26 - Improper Access Control in WHM API addpkgext and delpkgext
Aug 01, 2019
CVSS 2.7
EPSS 0.00
CVE-2018-20937 MEDIUM
cPanel 61.9999.55-62.0.38 - Improper Authentication during Database Rename
Aug 01, 2019
CVSS 4.3
EPSS 0.00
CVE-2018-20936 LOW
cPanel 61.9999.55-62.0.39 - Unauthenticated SRS Secret Exposure via exim.conf
Aug 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2018-20935 MEDIUM
cPanel 61.9999.55-61.9999.99 - Stored Cross-Site Scripting via WHM DNS Zone Reset
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20934 MEDIUM
cPanel 61.9999.55-70.0.22 - Unauthenticated E-mail Account Suspension Bypass
Aug 01, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-20933 MEDIUM
cPanel 61.9999.55-70.0.22 - Stored Cross-Site Scripting via WHM Edit DNS Zone Action
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20932 LOW
cPanel 61.9999.55-62.0.42 - Sensitive Information Exposure via Apache HTTP Server Logs
Aug 01, 2019
CVSS 2.7
EPSS 0.00
CVE-2018-20931 MEDIUM
cPanel 61.9999.55-70.0.22 - Authenticated Remote Code Execution via Landing Page
Aug 01, 2019
CVSS 6.3
EPSS 0.01
CVE-2018-20930 MEDIUM
cPanel 61.9999.55-62.0.42 - .htaccess Restrictions Bypass via Htaccess Optimization
Aug 01, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-20929 MEDIUM
cPanel < 62.0.42 - Open Redirect via /unprotected/redirect.html Endpoint
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20928 MEDIUM
cPanel 61.9999.55-70.0.22 - Stored Cross-Site Scripting via cpaddons Vendor Interface
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20927 LOW
cPanel 61.9999.55-62.0.42 - Jailshell Escape via Incorrect Crontab Parsing
Aug 01, 2019
CVSS 3.8
EPSS 0.00
CVE-2018-20926 MEDIUM
cPanel 61.9999.55-62.0.42 - Local Privilege Escalation via WHM Locale XML Upload
Aug 01, 2019
CVSS 6.7
EPSS 0.00
CVE-2018-20925 MEDIUM
cPanel 61.9999.55-62.0.42 - Local Privilege Escalation via WHM Legacy Language File Upload
Aug 01, 2019
CVSS 6.7
EPSS 0.00
CVE-2018-20924 MEDIUM
cPanel 61.9999.55-70.0.22 - Unauthenticated Arbitrary File Read and Delete via WHM Style Uploads
Aug 01, 2019
CVSS 5.5
EPSS 0.00
CVE-2018-20923 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM Synchronize DNS Records Action
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20922 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM DNS Cleanup Action
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20921 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM Delete DNS Zone Action
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20920 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM Edit DNS Zone Action
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20919 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM Create Account Action
Aug 01, 2019
CVSS 6.1
EPSS 0.00
Products
cpanel 417 webhost_manager 5 cgiecho 3 cgiemail 3 whm 3 WHM 1 WP Squared 1 cPanel 1 wp_squared 1
Quick Filters
Critical CVEs With Exploits In CISA KEV