CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

6.5CVSS6.8AI score0.00367EPSS

cPanel Information Disclosure Vulnerability (CNVD-2019-29714)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 62.0.4 that stems from the program not performing proper ACL...

5.4CVSS6.3AI score0.00229EPSS

cPanel cross-site scripting vulnerability (CNVD-2019-30463)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in the Webmail Password and Security page in versions prior to cPanel 62.0.4. The...

6.8CVSS6.8AI score0.00351EPSS

cPanel path traversal vulnerability (CNVD-2019-30468)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A path traversal vulnerability exists in versions prior to cPanel 62.0.4. The vulnerability stems from a failure of a network...

CNVD•added 2019/08/07 12:0 a.m.•2 views

cPanel Trust Management Issues Vulnerability (CNVD-2019-29631)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 62.0.4. No detailed vulnerability details are provided at this time...

6.5CVSS6.8AI score0.00133EPSS

CNVD•added 2019/08/07 12:0 a.m.•0 views

cPanel Input Validation Error Vulnerability (CNVD-2019-29625)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 62.0.4. No details of the vulnerability are provided at this...

8.8CVSS6.7AI score0.00574EPSS

CNVD•added 2019/08/07 12:0 a.m.•2 views

cPanel Security Feature Issue Vulnerability

6.5CVSS6.8AI score0.00367EPSS

6.5CVSS6.7AI score0.00367EPSS

cPanel Security Feature Issue Vulnerability (CNVD-2019-29624)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 62.0.4. No detailed vulnerability details are provided at th...

CNVD•added 2019/08/07 12:0 a.m.•2 views

cPanel cross-site scripting vulnerability (CNVD-2019-30471)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in versions prior to cPanel 62.0.4. The vulnerability stems from a lack of proper...

5.4CVSS6.3AI score0.00229EPSS

7.5CVSS6.7AI score0.00382EPSS

cPanel Security Feature Issue Vulnerability (CNVD-2019-29633)

NVD•added 2019/08/05 1:15 p.m.•14 views

CVE-2017-18481

cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface SEC-211...

5.4CVSS5.2AI score0.00229EPSS

OSV•added 2019/08/05 1:15 p.m.•0 views

CVE-2017-18473

cPanel before 62.0.4 allows self XSS on the webmail Password and Security page SEC-199...

5.4CVSS5.8AI score

OSV•added 2019/08/05 1:15 p.m.•1 views

CVE-2017-18477

In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account SEC-206...

6.5CVSS5.8AI score0.00367EPSS

NVD•added 2019/08/05 1:15 p.m.•12 views

CVE-2017-18471

cPanel before 62.0.4 allows self XSS on the paperlantern password-change screen SEC-197...

5.4CVSS5.3AI score0.00229EPSS

Prion•added 2019/08/05 1:15 p.m.•12 views

Design/Logic Flaw

In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address SEC-209...

4CVSS6.5AI score0.00133EPSS

Prion•added 2019/08/05 1:15 p.m.•13 views

Default credentials

cPanel before 62.0.4 allows self XSS on the paperlantern password-change screen SEC-197...

3.5CVSS5.3AI score0.00229EPSS

Exploits0References2Affected Software1

Prion•added 2019/08/05 1:15 p.m.•9 views

Design/Logic Flaw

cPanel before 62.0.4 allows resellers to use the WHM enqueuetransferitem API for queueing non-rearrange modules SEC-213...

4CVSS6.5AI score0.00439EPSS

Prion•added 2019/08/05 1:15 p.m.•10 views

Default credentials

cPanel before 62.0.4 has a fixed password for the Munin MySQL test account SEC-196...

4CVSS8.7AI score0.00376EPSS

CVE•added 2019/08/05 12:47 p.m.•47 views

CVE-2017-18478

Affected software: cPanel prior to 62.0.4. Vulnerability: incorrect ACL checks in xml-api for Rearrange Account actions, caused by an ACL bypass issue. Impact: potential improper access control. Mitigation: upgrade to 62.0.4 or later (as cited by cPanel and related CVE records). Notes: the connec...

6.5CVSS6.5AI score0.00367EPSS

CVE•added 2019/08/05 12:46 p.m.•59 views

CVE-2017-18476

CVE-2017-18476 concerns Leech Protect in cPanel prior to 62.0.4 not protecting certain directories (bug tracked as SEC-205). The connected sources consistently state this issue affecting cPanel. No further technical details (root cause, impacted components beyond Leech Protect, exploit vectors, o...

7.5CVSS7.5AI score0.00382EPSS