Exposição de cPanel
Hosting panels52
score de exposição
1.182
sites usam
1
em exploração
1
críticos
CVEs
9 resultadosCVE-2026-41940CRITICALWebPros cPanel and WHM Authentication Bypass via Login FlowEPSS 98.1%KEVCVE-2026-29205HIGHIncorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment downloaEPSS 7.2%CVE-2026-29202MEDIUMInsufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the alEPSS 0.8%CVE-2026-29203MEDIUMA chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system filEPSS 0.5%CVE-2026-29201HIGHInsufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relaEPSS 0.4%CVE-2026-29206HIGHInsufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow QueryEPSS 0.3%CVE-2026-32993HIGHImproper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint allows unauthenticated attacker to inject arEPSS 0.3%CVE-2026-32992HIGHSSL verification is disabled in the DNS Cluster system. This could allow for a malicious server to man-in-the-middle the request and captureEPSS 0.3%CVE-2026-32991HIGHImproper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.EPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →