For informational purposes only

Vulnerability type: Information Disclosure
Price: $1,000

The seller claims that the exploit can be used to obtain data related to website access via cPanel, including the website URL, username, and password. The issue is said to affect 13,522 cPanel servers across 94 countries, including the United States and EU member states.

cPanel is a popular commercial web-based hosting control panel used by hosting providers, VPS owners, and website administrators to manage server infrastructure through a browser. It allows users to configure domains and subdomains, email accounts, databases, FTP accounts, SSL certificates, website files, and backups.

According to 2026 data from WebPros International LLC and CloudLinux, cPanel accounts for 64% of the global market.

💬 Discuss

Sale of a 0-day exploit for cPanel, a web-based hosting control panel