cpanel

426 tracked vulnerabilities.

CVE-2017-18462 HIGH
cPanel < 56.0.46 - CPHulk One-Day Ban Bypass via IP Protection
Aug 05, 2019
CVSS 7.5
EPSS 0.00
CVE-2017-18463 HIGH
cPanel < 56.0.46 - Remote Code Execution via Long DocumentRoot Path
Aug 02, 2019
CVSS 7.8
EPSS 0.00
CVE-2017-18461 MEDIUM
cPanel 55.9999.61-56.0.45 - Security Policy Bypass via Account Rename
Aug 02, 2019
CVSS 4.3
EPSS 0.00
CVE-2017-18460 HIGH
cPanel < 60.0.39 - Remote Code Execution during Automatic SSL Installation
Aug 02, 2019
CVSS 7.8
EPSS 0.00
CVE-2017-18459 HIGH
cPanel 55.9999.61-61.9999.999 - Remote Code Execution during Account Modification
Aug 02, 2019
CVSS 7.8
EPSS 0.00
CVE-2017-18458 LOW
cPanel 55.9999.61-61.9999.999 - Unauthenticated File Overwrite via Account Rename
Aug 02, 2019
CVSS 3.3
EPSS 0.00
CVE-2017-18457 MEDIUM
cPanel 55.9999.61-56.0.45 - Unauthenticated Arbitrary File Read via WHM Styled URLs
Aug 02, 2019
CVSS 4.4
EPSS 0.00
CVE-2017-18456 MEDIUM
cPanel < 56.0.46 - Self Cross-Site Scripting in WHM cPAddons showsecurity Interface
Aug 02, 2019
CVSS 6.1
EPSS 0.00
CVE-2017-18455 LOW
cPanel 55.9999.61-62.0.16 - Unauthenticated Addon Domain Conversion
Aug 02, 2019
CVSS 2.7
EPSS 0.00
CVE-2017-18454 MEDIUM
cPanel 55.9999.61-61.9999.999 - Stored Cross-Site Scripting in WHM cPAddons Install Interface
Aug 02, 2019
CVSS 5.4
EPSS 0.00
CVE-2017-18453 MEDIUM
Cpanel < 56.0.49 - Improper Input Validation
Aug 02, 2019
CVSS 4.9
EPSS 0.00
CVE-2017-18452 MEDIUM
cPanel 55.9999.61-64.0.20 - Remote Code Execution via Rails Configuration Files
Aug 02, 2019
CVSS 6.7
EPSS 0.00
CVE-2017-18451 MEDIUM
cPanel 56.0.1-56.0.49 - Unauthenticated Crontab File Read During cPAddon Upgrade
Aug 02, 2019
CVSS 5.3
EPSS 0.00
CVE-2017-18450 MEDIUM
cPanel < 56.0.49 - Arbitrary File Permission Change via convert_roundcube_mysql2sqlite Script
Aug 02, 2019
CVSS 4.5
EPSS 0.00
CVE-2017-18449 MEDIUM
cPanel < 56.0.49 - Unauthenticated File Rename via convert_roundcube_mysql2sqlite Script
Aug 02, 2019
CVSS 5.5
EPSS 0.00
CVE-2017-18448 MEDIUM
cPanel 55.9999.61-64.0.20 - Path Traversal via Serverinfo_manpage API
Aug 02, 2019
CVSS 5.3
EPSS 0.00
CVE-2017-18447 MEDIUM
cPanel < 56.0.49 - Authenticated Remote Code Execution via ClamScanner_getsocket API
Aug 02, 2019
CVSS 6.3
EPSS 0.01
CVE-2017-18446 MEDIUM
cPanel 55.9999.61-56.0.49 - Unauthenticated File Read and Write via SourceIPCheck API
Aug 02, 2019
CVSS 6.3
EPSS 0.00
CVE-2017-18445 MEDIUM
cPanel < 56.0.49 - Unauthenticated SSL API Demo Restriction Bypass
Aug 02, 2019
CVSS 4.3
EPSS 0.00
CVE-2017-18444 MEDIUM
cPanel < 56.0.49 - Unauthenticated SSH API Command Execution
Aug 02, 2019
CVSS 5.3
EPSS 0.00
CVE-2017-18443 MEDIUM
cPanel 55.9999.61-56.0.49 - SSH Port Forwarding Access for Demo and Suspended Accounts
Aug 02, 2019
CVSS 5.8
EPSS 0.00
CVE-2017-18442 MEDIUM
cPanel < 56.0.49 - Authenticated Command Injection via Cpanel::SPFUI API
Aug 02, 2019
CVSS 5.3
EPSS 0.00
CVE-2017-18441 MEDIUM
cPanel 55.9999.61-56.0.21 - Unauthenticated Open Redirect
Aug 02, 2019
CVSS 5.0
EPSS 0.00
CVE-2017-18440 MEDIUM
cPanel 56.0.1-56.0.49 - Authenticated Command Execution via API2 Traceroute
Aug 02, 2019
CVSS 4.3
EPSS 0.00
CVE-2017-18439 MEDIUM
cPanel < 56.0.49 - Authenticated Remote Code Execution via ImageManager_dimensions API
Aug 02, 2019
CVSS 6.3
EPSS 0.01
Products
cpanel 417 webhost_manager 5 cgiecho 3 cgiemail 3 whm 3 WHM 1 WP Squared 1 cPanel 1 wp_squared 1
Quick Filters
Critical CVEs With Exploits In CISA KEV