cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav...
6.5CVSS
7.7AI Score
0.001EPSS
cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl...
6.5CVSS
7.4AI Score
0.001EPSS
5.4CVSS
5.9AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path...
7.5CVSS
8.3AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions...
8.1CVSS
7.5AI Score
0.001EPSS
6.5CVSS
7.5AI Score
0.001EPSS
cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts...
6.5CVSS
7.3AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication...
8.8CVSS
8.3AI Score
0.001EPSS
cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API...
8.1CVSS
7.9AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath...
8.1CVSS
7.5AI Score
0.001EPSS
The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes...
5.3CVSS
7.5AI Score
0.001EPSS
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit...
6.5CVSS
7.4AI Score
0.001EPSS
5.4CVSS
6.1AI Score
0.001EPSS
8.1CVSS
8.6AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script...
6.5CVSS
7.5AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable...
8.1CVSS
7.5AI Score
0.001EPSS
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck...
7.2CVSS
7.5AI Score
0.001EPSS
cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface...
6.7CVSS
7.6AI Score
0.0004EPSS
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing...
3.8CVSS
7.4AI Score
0.0005EPSS
cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint...
6.1CVSS
7.4AI Score
0.001EPSS
6.3CVSS
7.9AI Score
0.001EPSS
cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface...
6.7CVSS
7.6AI Score
0.0004EPSS
cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled...
6.5CVSS
7.4AI Score
0.001EPSS
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains...
2.7CVSS
7.3AI Score
0.001EPSS
cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction...
4.3CVSS
7.4AI Score
0.001EPSS
5.4CVSS
5.9AI Score
0.001EPSS
5.5CVSS
7.3AI Score
0.0004EPSS
cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action...
6.1CVSS
5.9AI Score
0.001EPSS
5.4CVSS
6.5AI Score
0.001EPSS
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands...
8.1CVSS
7.8AI Score
0.001EPSS
cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning...
9.8CVSS
8.4AI Score
0.005EPSS
cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds...
6.5CVSS
7.2AI Score
0.001EPSS
8.1CVSS
7.4AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
5.4CVSS
5.8AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface...
6.1CVSS
6.5AI Score
0.001EPSS
cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling...
5.5CVSS
7.5AI Score
0.0004EPSS
cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction...
5.4CVSS
7.4AI Score
0.001EPSS
cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction...
4.3CVSS
7.4AI Score
0.001EPSS
cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi...
4.9CVSS
7.2AI Score
0.001EPSS
6.3CVSS
7.9AI Score
0.001EPSS
cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup...
7.2CVSS
8AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd...
9.8CVSS
8.4AI Score
0.005EPSS
cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications...
7.5CVSS
7.5AI Score
0.002EPSS
6.1CVSS
6.5AI Score
0.001EPSS
cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction...
4.3CVSS
7.4AI Score
0.001EPSS
cPanel before 70.0.23 allows self XSS in the WHM cPAddons showsecurity Interface...
6.1CVSS
6.5AI Score
0.001EPSS