2024

2023

2022

2021

2020

2019

2018

CVE-2018-20887 (v3: 9.8) 1 Aug 2019
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).

2017

CVE-2017-18406 (v3: 7.5) 2 Aug 2019
cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276).

2016

CVE-2016-10817 (v3: 9.8) 1 Aug 2019
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
CVE-2016-10839 (v3: 8.1) 1 Aug 2019
cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).

2015