Filter
-Infinity
0

Trending

Last week
Last month
Last year

ubuntu/libcpanel-json-xs-perlThe Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allo…

critical
9.1
First published (updated )
CVE-2022-48623

cPanelXSS

medium
6.1
First published (updated )
CVE-2023-29489

cPanelXEE

high
7.2
First published (updated )
CVE-2021-38584

cPanelThe WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585).

high
7.2
First published (updated )
CVE-2021-38585

cPanelIn cPanel before 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).

medium
4.4
First published (updated )
CVE-2021-38586

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

cPanelRace Condition

high
7.5
First published (updated )
CVE-2021-38587

cPanelIn cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587)…

high
8.1
First published (updated )
CVE-2021-38588

cPanelIn cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of file…

high
8.1
First published (updated )
CVE-2021-38589

cPanelIn cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).

medium
5.5
First published (updated )
CVE-2021-38590

cPanelXSS

medium
6.1
First published (updated )
CVE-2021-31803

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

cPanelcPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).

high
7.5
First published (updated )
CVE-2021-26266

cPanelcPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (…

high
7.5
First published (updated )
CVE-2021-26267

cPanelIn cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).

medium
6.5
First published (updated )
CVE-2020-29136

cPanelXSS

medium
6.1
First published (updated )
CVE-2020-29137

cPanelcPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567).

medium
4.1
First published (updated )
CVE-2020-29135

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

cPanelcPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

critical
9.8
First published (updated )
CVE-2020-26098

cPanelcPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).

high
7.5
First published (updated )
CVE-2020-26099

cPanelchsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).

critical
9.8
First published (updated )
CVE-2020-26100

cPanelIn cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).

critical
9.8
First published (updated )
CVE-2020-26101

cPanelIn cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-5…

high
7.5
First published (updated )
CVE-2020-26102

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

cPanelIn cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).

high
7.5
First published (updated )
CVE-2020-26103

cPanelIn cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

high
7.5
First published (updated )
CVE-2020-26104

cPanelIn cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).

critical
9.8
First published (updated )
CVE-2020-26105

cPanelcPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-55…

high
7.5
First published (updated )
CVE-2020-26106

cPanelcPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).

high
7.5
First published (updated )
CVE-2020-26107

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

cPanelcPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).

critical
9.8
First published (updated )
CVE-2020-26108

cPanelcPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package mod…

high
7.5
First published (updated )
CVE-2020-26109

cPanelXSS

medium
6.1
First published (updated )
CVE-2020-26110

cPanelXSS

medium
6.1
First published (updated )
CVE-2020-26111

cPanelThe email quota cache in cPanel before 90.0.10 allows overwriting of files.

high
7.5
First published (updated )
CVE-2020-26112

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203