📦 Cpanel

CVE-2020-26105 is an authentication bypass vulnerability in cPanel's chkservd service that uses insecure test credentials on templated virtual machines. Attackers can exploit these hardcoded credentia...

CVE-2020-26108 is a critical file-extension dispatching vulnerability in cPanel that allows remote attackers to execute arbitrary code. This affects cPanel web hosting control panel installations, pot...

CVE-2020-26098 is a critical remote code execution vulnerability in cPanel's Exim filter path handling. Attackers can exploit this to execute arbitrary code on affected cPanel servers. This affects al...

CVE-2020-26100 is a Jailshell escape vulnerability in cPanel's chsh command that allows authenticated users to break out of restricted shell environments. This affects cPanel installations before vers...

A directory traversal vulnerability in cPanel's Team Manager API allows attackers to overwrite arbitrary files, potentially leading to privilege escalation to root. This affects cPanel installations v...

This vulnerability allows XML External Entity (XXE) attacks through the WHM Locale Upload feature in cPanel. Attackers can exploit this to read arbitrary files from the server, potentially accessing s...

This vulnerability in cPanel's fix-cpanel-perl script allows local attackers to create arbitrary temporary files due to improper handling of file creation. It affects cPanel installations before versi...

This vulnerability in cPanel's fix-cpanel-perl script allows attackers to overwrite arbitrary files on the system. It affects cPanel installations before version 96.0.13, potentially enabling privileg...