cPanel is a web hosting control panel software developed by cPanel, LLC. It provides a graphical interface (GUI) and automation tools designed to simplify the process of hosting a web site to the website owner or the “end user”. It enables administration through a standard web browser using a three-tier structure. While cPanel is limited to managing a single hosting account, cPanel & WHM allows the administration of the entire server. Our team has found multiple vulnerabilities in cPanel/WHM during a black-box pentest, the most important ones being an RCE and privilege escalation via stored XSS.