Software
Cpanel CpanelcPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
Cpanel Cpanelchsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).
Cpanel CpanelIn cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
Cpanel CpanelIn cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
Cpanel CpanelcPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-54…
Cpanel CpanelcPanel before 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync s…
Cpanel CpanelcPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shel…
Cpanel CpanelcPanel before 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
Cpanel CpanelcPanel before 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. …
Cpanel CpanelcPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is in…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upl…
Cpanel CpanelcPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-3…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31).
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelUnspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain …
Cpanel CpanelThe "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earl…
Cpanel CpanelThe login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arb…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.