Cpanel CpanelThe WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585).
Cpanel CpanelIn cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587)…
Cpanel CpanelIn cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of file…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
Cpanel CpanelcPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (…
Cpanel CpanelcPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).
Cpanel CpanelIn cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-5…
Cpanel CpanelIn cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelIn cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).
Cpanel CpanelcPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-55…
Cpanel CpanelcPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
Cpanel CpanelcPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package mod…
Cpanel CpanelThe email quota cache in cPanel before 90.0.10 allows overwriting of files.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 86.0.14 allows attackers to obtain access to the current working directory via the acc…
Cpanel CpanelcPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the passwo…
Cpanel CpanelcPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsist…
Cpanel CpanelcPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or t…
Cpanel CpanelcPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 58.0.4 has improper session handling for shared users (SEC-139).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list ar…
Cpanel CpanelCVE-2016-10787
Cpanel CpanelcPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelLeech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205).
Cpanel CpanelcPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).
Cpanel CpanelcPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-22…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).
Cpanel CpanelIn cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disapp…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cpanel CpanelcPanel before 68.0.15 allows code execution in the context of the root account because of weak permi…
Cpanel CpanelcPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.