3.3CVSS
4.2AI Score
0.0004EPSS
cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats...
2.7CVSS
4.1AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin...
7.2CVSS
7.5AI Score
0.001EPSS
cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask...
7.8CVSS
7.6AI Score
0.0004EPSS
6.3CVSS
6.5AI Score
0.001EPSS
cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval...
2.5CVSS
4AI Score
0.0004EPSS
7.8CVSS
7.5AI Score
0.0004EPSS
cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores...
5.5CVSS
5.5AI Score
0.0004EPSS
cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups...
7.8CVSS
7.8AI Score
0.0004EPSS
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload...
7.2CVSS
7.5AI Score
0.001EPSS
cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records...
2.7CVSS
4.2AI Score
0.001EPSS
cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail...
3.8CVSS
4.4AI Score
0.0004EPSS
In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list...
6.5CVSS
6.5AI Score
0.001EPSS
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests...
8.8CVSS
8.6AI Score
0.001EPSS
8.8CVSS
8.5AI Score
0.001EPSS
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup...
6.5CVSS
6.5AI Score
0.001EPSS
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd...
6.5CVSS
6.5AI Score
0.001EPSS
cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders...
8.8CVSS
8.9AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.001EPSS
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs...
6.5CVSS
6.6AI Score
0.001EPSS
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file...
9.8CVSS
9.8AI Score
0.001EPSS
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains...
5.4CVSS
5.3AI Score
0.001EPSS
cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor...
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor...
6.5CVSS
6.5AI Score
0.001EPSS
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups...
3.3CVSS
4.1AI Score
0.0004EPSS
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task...
2.5CVSS
4AI Score
0.0004EPSS
3.3CVSS
4.1AI Score
0.0004EPSS
cPanel before 68.0.27 does not validate database and dbuser names during renames...
4.3CVSS
4.7AI Score
0.001EPSS
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab...
2.5CVSS
4AI Score
0.0004EPSS
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test...
3.3CVSS
4.1AI Score
0.0004EPSS
5.7CVSS
5.6AI Score
0.001EPSS
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script...
3.3CVSS
3.9AI Score
0.0004EPSS
cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script...
5.5CVSS
5.5AI Score
0.0004EPSS
8.8CVSS
8.6AI Score
0.001EPSS
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging...
4.3CVSS
4.7AI Score
0.001EPSS
cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls...
2.7CVSS
4.2AI Score
0.001EPSS
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups...
3.3CVSS
4.1AI Score
0.0004EPSS
cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin...
5.6CVSS
5.7AI Score
0.0004EPSS
cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences...
5.4CVSS
5.2AI Score
0.001EPSS
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path...
8.8CVSS
8.9AI Score
0.001EPSS
cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents...
8.1CVSS
7.9AI Score
0.001EPSS
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd...
7.5CVSS
7.5AI Score
0.002EPSS
5.4CVSS
5.2AI Score
0.001EPSS
cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning...
9.8CVSS
9.7AI Score
0.005EPSS