Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3954 matches found

NVD
NVDadded 2025/12/11 9:15 p.m.3 views

CVE-2025-66429

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user...

8.8CVSS0.00709EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/12/11 12:0 a.m.2 views

CVE-2025-66429

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user...

7AI score0.00709EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/12/11 12:0 a.m.10 views

Cpanel 安全漏洞

Cpanel is a set of automated web-based colocation platforms from Cpanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel versions 110 through 132, which stems from the existence of directory...

8.8CVSS6.7AI score0.00709EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/12/11 12:0 a.m.18 views

CVE-2025-66429

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user...

0.00709EPSS
Exploits0References2
EUVD
EUVDadded 2025/12/11 12:0 a.m.5 views

EUVD-2025-202876

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user...

6.8AI score0.00709EPSS
Exploits0References3
CVE
CVEadded 2025/12/11 12:0 a.m.20 views

CVE-2025-66429

The CVE-2025-66429 issue affects cPanel versions 110–132, where a directory traversal in the Team Manager API can overwrite arbitrary files, enabling privilege escalation to root. Documented impact is high (CVE score 8.8). Exploitation status isn’t provided in the sources. Remediation guidance ap...

8.8CVSS7AI score0.00709EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVASadded 2025/11/14 12:0 a.m.3 views

Mageia: Security Advisory (MGASA-2025-0284)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS6.8AI score0.00405EPSS
Exploits0References4
Mageia
Mageiaadded 2025/11/13 6:3 p.m.9 views

Updated perl-Cpanel-JSON-XS packages fix security vulnerability

Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact. CVE-2025-40929...

5.6CVSS7.2AI score0.00405EPSS
Exploits0References2
OSV
OSVadded 2025/11/13 6:3 p.m.6 views

MGASA-2025-0284 Updated perl-Cpanel-JSON-XS packages fix security vulnerability

Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact. CVE-2025-40929...

5.6CVSS6.6AI score0.00405EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/11/12 12:6 p.m.10 views

CVE-2025-12539

The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials hostname, username, and API key in files within the web-accessible wp-content directory witho...

10CVSS7AI score0.00931EPSS
Exploits1References1
OSV
OSVadded 2025/11/11 11:15 a.m.12 views

CVE-2025-12539

The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials hostname, username, and API key in files within the web-accessible wp-content directory witho...

10CVSS7AI score
Exploits0References2
Cvelist
Cvelistadded 2025/11/11 11:3 a.m.14 views

CVE-2025-12539 TNC Toolbox: Web Performance <= 1.4.2 - Unauthenticated Sensitive Information Exposure to Privilege Escalation/cPanel Account Takeover

The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials hostname, username, and API key in files within the web-accessible wp-content directory witho...

10CVSS0.00931EPSS
Exploits1References2
CVE
CVEadded 2025/11/11 11:3 a.m.24 views

CVE-2025-12539

The CVE-2025-12539 entry concerns the WordPress plugin TNC Toolbox: Web Performance (versions up to 1.4.2). The vulnerability, described across multiple connected sources, is a Sensitive Information Exposure flaw caused by storing cPanel credentials (hostname, username, API key) in files under th...

10CVSS6.6AI score0.00931EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/11/11 12:0 a.m.11 views

WordPress plugin TNC Toolbox Web Performance 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin TNC Toolbox Web Performance, which stem...

10CVSS6AI score0.00931EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/11/11 12:0 a.m.8 views

PT-2025-46321

Name of the Vulnerable Software and Affected Versions TNC Toolbox: Web Performance plugin for WordPress versions up to and including 1.4.2 Description The TNC Toolbox: Web Performance plugin for WordPress is affected by a sensitive information exposure issue. The plugin stores cPanel API...

10CVSS6.9AI score0.00931EPSS
Exploits1References10
Redos
Redosadded 2025/10/30 12:0 a.m.7 views

ROS-20251030-06

A vulnerability in the Perl data structure to JSON conversion module Cpanel::JSON::XS is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...

5.6CVSS7.2AI score0.00405EPSS
Exploits0
OpenVAS
OpenVASadded 2025/10/28 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-ce67f2ffd1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS6.8AI score0.00405EPSS
Exploits0References2
OSV
OSVadded 2025/10/23 2:35 p.m.1 views

ROOT-OS-DEBIAN-11-CVE-2022-48623 CVE-2022-48623 in rootio-libcpanel-json-xs-perl - Patched by Root

Root has patched CVE-2022-48623 in the rootio-libcpanel-json-xs-perl package for Root:Debian:11. Multiple fixed versions available...

9.1CVSS5.4AI score0.00788EPSS
Exploits0
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2017-9594

Malware in sbrugna...

6.5CVSS6.6AI score0.00875EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2018-13416

Malware in sbrugna...

5.4CVSS5.5AI score0.00519EPSS
Exploits0References2
Rows per page
Query Builder