CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 58.0.4. An attacker can exploit the vulnerability to perform...

7.8CVSS6.7AI score0.00256EPSS

Exploits0References1

NVD•added 2019/08/07 1:15 p.m.•9 views

CVE-2016-10800

cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls SEC-138...

7.8CVSS7.7AI score0.00256EPSS

Exploits0References1

OSV•added 2019/08/07 1:15 p.m.•1 views

CVE-2016-10800

cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls SEC-138...

7.8CVSS5.8AI score0.00256EPSS

Exploits0References1

Prion•added 2019/08/07 1:15 p.m.•12 views

Code injection

cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls SEC-138...

6.8CVSS7.2AI score0.00256EPSS

Exploits0References1Affected Software1

CVE•added 2019/08/07 12:22 p.m.•36 views

CVE-2016-10800

Affected software: cPanel prior to 58.0.4. Vulnerability: demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138). Root cause / impact: the issue allows escape in demo mode, with impact characterized as partial confidentiality/integrity/availability risk per the cited sources. Expl...

7.8CVSS7.6AI score0.00256EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/08/07 12:22 p.m.•12 views

CVE-2016-10800

cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls SEC-138...

7.7AI score0.00256EPSS

Exploits0References1

NVD•added 2019/08/02 4:15 p.m.•8 views

CVE-2017-18435

cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API SEC-238...

7.5CVSS7.4AI score0.00621EPSS

Exploits0References2

OSV•added 2019/08/02 4:15 p.m.•1 views

CVE-2017-18435

cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API SEC-238...

7.3CVSS5.9AI score0.00621EPSS

Exploits0References2

Prion•added 2019/08/02 4:15 p.m.•14 views

Code injection

cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API SEC-238...

7.5CVSS7.3AI score0.00621EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/08/02 4:0 p.m.•14 views

CVE-2017-18435

cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API SEC-238...

7.4AI score0.00621EPSS

Exploits0References1

CVE•added 2019/08/02 4:0 p.m.•54 views

CVE-2017-18435

This CVE affects cPanel before 64.0.21, where demo accounts could cause code execution via the BoxTrapper API (SEC-238). The issue is tied to the BoxTrapper API and is documented as exploitable by non-privileged, unauthenticated users, enabling remote code execution with low attacker effort. The ...

7.5CVSS7.3AI score0.00621EPSS

Exploits0References2Affected Software1

OSV•added 2019/07/30 3:15 p.m.•0 views

CVE-2019-14406

cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing SEC-493...

6.1CVSS5.8AI score

Exploits0References1

NVD•added 2019/07/30 3:15 p.m.•10 views

CVE-2019-14406

cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing SEC-493...

6.1CVSS6AI score0.00396EPSS

Exploits0References1