Cpanel Security Vulnerabilities

CVE-2023-29489

An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and...

CVE-2021-38584

The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks...

CVE-2021-38588

In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads...

CVE-2021-38587

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files...

CVE-2021-38590

In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure...

CVE-2021-38589

In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files...

CVE-2021-38586

In cPanel before 98.0.1, /scripts/cpan_config performs unsafe operations on files...

CVE-2021-38585

The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks...

CVE-2021-31803

cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile...

CVE-2021-26267

cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension...

CVE-2021-26266

cPanel before 92.0.9 allows a Reseller to bypass the suspension lock...

CVE-2020-29136

In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach...

CVE-2020-29135

cPanel before 90.0.17 has multiple instances of URL parameter injection...

CVE-2020-29137

cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interface...

CVE-2020-26103

In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM...

CVE-2020-26108

cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution...

CVE-2020-26110

cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces...

CVE-2020-26115

cPanel before 90.0.10 allows self XSS via the Cron Editor interface...

CVE-2020-26100

chsh in cPanel before 88.0.3 allows a Jailshell escape...

CVE-2020-26101

In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM...

CVE-2020-26105

In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM...

CVE-2020-26107

cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys...

CVE-2020-26114

cPanel before 90.0.10 allows self XSS via the Cron Jobs interface...

CVE-2020-26098

cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution...

CVE-2020-26106

cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file...

CVE-2020-26104

In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM...

CVE-2020-26102

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM...

CVE-2020-26109

cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification...

CVE-2020-26112

The email quota cache in cPanel before 90.0.10 allows overwriting of...

CVE-2020-26111

cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface...

CVE-2020-26113

cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces...

CVE-2020-26099

cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism...

CVE-2020-12784

cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings...

CVE-2020-12785

cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature...

CVE-2020-10121

cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs...

CVE-2020-10122

cPanel before 84.0.20 allows a webmail or demo account to delete arbitrary files...

CVE-2020-10114

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor...

CVE-2020-10118

cPanel before 84.0.20 allows a demo account to modify files via Branding API calls...

CVE-2019-20490

cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently...

CVE-2019-20492

cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file...

CVE-2019-20496

cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing...

CVE-2019-20498

cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect...

CVE-2019-20494

In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers...

CVE-2020-10113

cPanel before 84.0.20 allows self XSS via a temporary character-set specification...

CVE-2020-10116

cPanel before 84.0.20 allows attackers to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls...

CVE-2020-10119

cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell...

CVE-2020-10120

cPanel before 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell...

CVE-2020-10117

cPanel before 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace...

CVE-2019-20495

cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming...

CVE-2019-20497

cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration...