漏洞描述
cPanel 是一套在网页寄存业中最享负盛名的商业软件,是基于于 Linux 和 BSD 系统及以 PHP开发且性质为闭源软件;提供了足够强大和相当完整的主机管理功能,诸如:Webmail 及多种电邮协议、网页化 FTP 管理、SSH 连线、数据库管理系统、DNS管理等远端网页式主机管理软件功能。cPanel低于11.109.9999.116存在XSS漏洞
cPanel低于11.109.9999.116存在XSS漏洞(CVE-2023-29489)
PoC代码
暂无相关漏洞推荐
- Pterodactyl Panel /locales/locale.json 信息泄露漏洞(CVE-2025-49132)
- DPanel 硬编码漏洞(CVE-2025-30206)
- POC 1Panel 远程命令执行漏洞
- POC CVE-2012-4032: WebsitePanel before v1.2.2.1 - Open Redirect
- POC CVE-2018-18323: Centos Web Panel 0.9.8.480 - Local File Inclusion
- POC CVE-2021-3002: Seo Panel 4.8.0 - Cross-Site Scripting
- POC CVE-2021-31316: CentOS Web Panel - SQL Injection
- POC CVE-2021-31324: CentOS Web Panel - OS Command Injection
- POC CVE-2021-41878: i-Panel Administration System 2.0 - Cross-Site Scripting
- POC CVE-2022-44877: CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution
- POC CVE-2023-29489: cPanel < 11.109.9999.116 - Cross-Site Scripting
- POC CVE-2023-35885: Cloudpanel 2 < 2.3.1 - Remote Code Execution
- POC CVE-2024-39907: 1Panel SQL Injection - Authenticated