cPanel < 11.109.9999.116 - Cross-Site Scripting

An issue was discovered in cPanel before 11.109.9999.116. Cross Site Scripting can occur on the cpsrvd error page via an invalid webcall ID. id: CVE-2023-29489 info: name: cPanel 11.109.9999.116 - Cross-Site Scripting author: DhiyaneshDk,0xKayala severity: medium description: | An issue was...

Exploit for Missing Authentication for Critical Function in Cpanel

CPANEL CVE EXPLOIT English | فارسی PersianREADME...

Exploit for Missing Authentication for Critical Function in Cpanel

No d...

Exploit for Missing Authentication for Critical Function in Cpanel

No d...

cPanel 安全漏洞

cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has security vulnerabilities; these vulnerabilities stem from the fact that the chmod calls in...

Exploit for Missing Authentication for Critical Function in Cpanel

cPanel-WHM-CVE-2026-41940-AuthBypass CVE-2026-41940: cPanel...

Exploit for Missing Authentication for Critical Function in Cpanel

No d...

Exploit for Missing Authentication for Critical Function in Cpanel

Sorry Ransomware Analysis CVE-2026-41940 cPanel Campaign Pu...

cPanel & WHM - Authentication Bypass via Session-File CRLF Injection

cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. id: CVE-2026-41940 info:...

📄 cPanel Authentication Manipulation / Session Injection

This Python script attempts to an authentication bypass against a cPanel login endpoint by crafting a modified login request and manipulating session-related data. Versions after 11.40 are affected...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940-POC cPanel/WHM Authentication Bypass Proof of...

Exploit for Missing Authentication for Critical Function in Cpanel

POCCVE-2026-41940 Quick start bash python3 pocCVE-202...

Exploit for Missing Authentication for Critical Function in Cpanel

No d...

Exploit for Missing Authentication for Critical Function in Cpanel

poc...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 Detection & Verification !License: MIThttp...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 A security research tool for detecting and anal...

PT-2026-5405

Name of the Vulnerable Software and Affected Versions AWStats version 8.0 Description AWStats version 8.0 contains a command injection issue due to an unsafe use of the open function in Perl when processing HTTP GET parameters. Specifically, the presence of a pipe symbol '|' within a parameter ca...

CVE-2016-10799

cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation SEC-137...

CVE-2017-18475

In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user SEC-204...

CVE-2017-18411

The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account SEC-285...