cpanel

426 tracked vulnerabilities.

CVE-2018-20918 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting in WHM DNS Cluster
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20917 MEDIUM
cPanel < 70.0.23 - Unauthenticated Solr Disabling via Improper Input Validation
Aug 01, 2019
CVSS 5.5
EPSS 0.00
CVE-2018-20916 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM Edit MX Entry
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20915 MEDIUM
cPanel < 70.0.23 - Stored Cross-Site Scripting via WHM Edit DNS Zone Action
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20914 HIGH
cPanel < 70.0.23 - Session File Injection via OpenID Provider
Aug 01, 2019
CVSS 7.3
EPSS 0.00
CVE-2018-20913 MEDIUM
cPanel < 70.0.23 - Unauthenticated Root Access Hash Exposure via WHM Trust Cluster Master Endpoint
Aug 01, 2019
CVSS 4.9
EPSS 0.00
CVE-2018-20912 MEDIUM
cPanel < 70.0.23 - Authenticated Remote Code Execution via awstats
Aug 01, 2019
CVSS 6.3
EPSS 0.01
CVE-2018-20911 HIGH
cPanel < 70.0.23 - Remote Code Execution via Perl @INC Path Injection
Aug 01, 2019
CVSS 7.2
EPSS 0.02
CVE-2018-20910 MEDIUM
cPanel < 70.0.23 - Self Cross-Site Scripting in WHM cPAddons showsecurity Interface
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20909 HIGH
cPanel 61.9999.55-70.0.22 - Arbitrary File Permission Modification via Legacy Incremental Backup
Aug 01, 2019
CVSS 7.1
EPSS 0.00
CVE-2018-20908 MEDIUM
cPanel 61.9999.55-71.9980.37 - Arbitrary File Read via pkgacct Custom Template Handling
Aug 01, 2019
CVSS 5.5
EPSS 0.00
CVE-2018-20907 MEDIUM
cPanel 61.9999.55-62.0.47 - Incorrect Permission Assignment for Critical Resource
Aug 01, 2019
CVSS 4.3
EPSS 0.00
CVE-2018-20906 MEDIUM
cPanel < 62.0.47 - Incorrect Permission Assignment for Critical Resource via API Call
Aug 01, 2019
CVSS 4.3
EPSS 0.00
CVE-2018-20905 MEDIUM
cPanel < 62.0.47 - Incorrect Permission Assignment for Critical Resource
Aug 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2018-20904 MEDIUM
cPanel < 62.0.47 - Incorrect Permission Assignment for Critical Resource via API Call Bypass
Aug 01, 2019
CVSS 4.3
EPSS 0.00
CVE-2018-20903 MEDIUM
cPanel < 71.9980.37 - Self Cross-Site Scripting in WHM Backup Configuration Interface
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20902 MEDIUM
cPanel < 71.9980.37 - Unauthenticated Exposure of Sensitive Information via ClamAV Installation
Aug 01, 2019
CVSS 5.5
EPSS 0.00
CVE-2018-20901 MEDIUM
cPanel < 71.9980.37 - Stored Cross-Site Scripting in WHM Save Theme Interface
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20900 MEDIUM
cPanel 62.0.1-62.0.47 - Stored Cross-Site Scripting in YUM Autorepair Functionality
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20899 MEDIUM
cPanel 61.9999.55-71.9980.37 - Stored Cross-Site Scripting in WHM cPAddons Installation Interface
Aug 01, 2019
CVSS 6.1
EPSS 0.00
CVE-2018-20898 MEDIUM
cPanel 61.9999.55-71.9980.37 - Email Injection via cPAddons Moderation
Aug 01, 2019
CVSS 4.3
EPSS 0.00
CVE-2018-20897 LOW
cPanel 61.9999.55-71.9980.37 - Arbitrary File Unlink via cPAddons Moderation System
Aug 01, 2019
CVSS 2.8
EPSS 0.00
CVE-2018-20896 LOW
cPanel 61.9999.55-61.9999.9999 - Code Injection in WHM cPAddons Interface
Aug 01, 2019
CVSS 3.9
EPSS 0.00
CVE-2018-20895 HIGH
cPanel 67.9999.64-71.9980.37 - Improper Input Validation
Aug 01, 2019
CVSS 7.2
EPSS 0.00
CVE-2018-20894 LOW
cPanel 71.9980.30-72.0.9 - Exposure of Sensitive Information via Git Repository
Aug 01, 2019
CVSS 3.3
EPSS 0.00
Products
cpanel 417 webhost_manager 5 cgiecho 3 cgiemail 3 whm 3 WHM 1 WP Squared 1 cPanel 1 wp_squared 1
Quick Filters
Critical CVEs With Exploits In CISA KEV