Exploit for Missing Authentication for Critical Function in Cpanel

CPANEL CVE EXPLOIT English | فارسی PersianREADME...

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager WHM that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 CVSS score: 4.3 - An insufficient input...

Exploit for Missing Authentication for Critical Function in Cpanel

🔴 cPanelCVE CVE-2026-41940 — cPanel & WHM Authentication...

Exploit for Missing Authentication for Critical Function in Cpanel

🔴 cPanelCVE CVE-2026-41940 — cPanel & WHM Authentication...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940: cPanel/WHM Authentication Bypass Analysis...

CVE-2026-41940

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

CVE-2026-41940

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

CVE-2026-41940

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

CVE-2026-41940 WebPros cPanel and WHM Authentication Bypass via Login Flow

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

CVE-2026-41940

CVE-2026-41940 — cPanel/WHM Authentication Bypass (CRLF Injection) Technical synopsis: A CRLF injection in the login/session handling enables unauthenticated remote attackers to bypass authentication and gain root-level access via the cpsess session token. Public analyses describe the attack chai...

CVE-2018-20933

cPanel before 70.0.23 has Stored XSS via an WHM Edit DNS Zone action SEC-410...

CVE-2016-10795

cPanel before 59.9999.145 allows stored XSS in the WHM tailupcp2.cgi interface SEC-156...

Virtuozzo Hybrid Server For WHMCS 安全漏洞

Virtuozzo Hybrid Server For WHMCS is a Virtuozzo Hybrid Server For WHMCS from Virtuozzo. A security vulnerability exists in Virtuozzo Hybrid Server For WHMCS version v.1.7.1. An attacker can obtain sensitive information by modifying the hostname...

Acronis Backup plugin for cPanel & WHM (Linux) 安全漏洞

Acronis Backup plugin for cPanel & WHM Linux is a plugin from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux versions prior to 818, which stems from improper handling of symbolic links, resulting in the disclosure of sensitive information duri...

PT-2024-25641 · Acronis · Acronis Backup Plugin For Cpanel & Whm

Name of the Vulnerable Software and Affected Versions: Acronis Backup plugin for cPanel & WHM Linux versions prior to build 818 Description: The issue is related to sensitive information disclosure during file browsing due to improper symbolic link handling. This can lead to unauthorized access a...

Cpanel 代码问题漏洞

cPanel is a web-based host control management system from cPanel USA. cPanel versions prior to 98.0.1 have an XXE vulnerability in the WHM Locale Upload feature. No detailed vulnerability details are currently available...

cPanel cross-site scripting vulnerability (CNVD-2020-54779)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 90.0.10, which stems from self XSS that allows the...

cPanel cross-site scripting vulnerability (CNVD-2020-55177)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 90.0.10, which stems from self XSS that allows editing of...

CVE-2019-20497

cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration SEC-533...

cPanel cross-site scripting vulnerability (CNVD-2019-29012)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in WHM Account Transfer in versions prior to cPanel 68.0.27. The vulnerability stems...