Shodan
Vulnerabilities
Vulnerable Software
Cpanel:  >> Cpanel  Security Vulnerabilities
CVE-2018-20921
cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375).
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-01
CVE-2018-20922
cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376).
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-01
CVE-2018-20923
cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377).
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-01
CVE-2018-20902
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408).
CVSS Score
5.5
EPSS Score
0.001
Published
2019-08-01
CVE-2018-20903
cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface (SEC-421).
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-01
CVE-2018-20904
cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427).
CVSS Score
4.3
EPSS Score
0.002
Published
2019-08-01
CVE-2018-20905
cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429).
CVSS Score
5.4
EPSS Score
0.001
Published
2019-08-01
CVE-2018-20906
cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430).
CVSS Score
4.3
EPSS Score
0.002
Published
2019-08-01
CVE-2018-20907
cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432).
CVSS Score
4.3
EPSS Score
0.002
Published
2019-08-01
CVE-2018-20908
cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435).
CVSS Score
5.5
EPSS Score
0.001
Published
2019-08-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved