Lucene search

Cpanel Security Vulnerabilities

cve

CVE-2023-29489

An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and...

6.1CVSS

5.8AI Score

0.004EPSS

2023-04-27 09:15 PM

118

In Wild

cve

CVE-2021-38584

The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks...

7.2CVSS

6.9AI Score

0.001EPSS

2021-08-11 11:15 PM

cve

CVE-2021-38588

In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads...

8.1CVSS

8AI Score

0.002EPSS

2021-08-11 11:15 PM

cve

CVE-2021-38590

In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure...

5.5CVSS

5.3AI Score

0.0004EPSS

2021-08-11 11:15 PM

cve

CVE-2021-38587

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files...

7.5CVSS

7.6AI Score

0.001EPSS

2021-08-11 11:15 PM

cve

CVE-2021-38589

In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files...

8.1CVSS

8AI Score

0.001EPSS

2021-08-11 11:15 PM

cve

CVE-2021-38585

The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks...

7.2CVSS

6.9AI Score

0.001EPSS

2021-08-11 11:15 PM

cve

CVE-2021-38586

In cPanel before 98.0.1, /scripts/cpan_config performs unsafe operations on files...

4.4CVSS

4.8AI Score

0.0004EPSS

2021-08-11 11:15 PM