Webpros Cpanel (Cloudlinux 6, Centos 6)
5 CVEs affecting Webpros Cpanel (Cloudlinux 6, Centos 6). Latest disclosed: 2026-05-13. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-29203 | High | 8.8 | 2026-05-08 | A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories… |
CVE-2026-29202 | High | 8.8 | 2026-05-08 | Insufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the already authenticated… |
CVE-2026-29201 | High | 8.6 | 2026-05-08 | Insufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relative file path is p… |
CVE-2026-29206 | High | 8.1 | 2026-05-13 | Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled. |
CVE-2026-32991 | High | 7.1 | 2026-05-13 | Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account. |