CVE Vulnerabilities

CVE-2004-1770

Published: Mar 11, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.

Affected Software

Name Vendor Start Version End Version
Cpanel Cpanel 5.0 5.0
Cpanel Cpanel 5.3 5.3
Cpanel Cpanel 6.0 6.0
Cpanel Cpanel 6.2 6.2
Cpanel Cpanel 6.4 6.4
Cpanel Cpanel 6.4.1 6.4.1
Cpanel Cpanel 6.4.2 6.4.2
Cpanel Cpanel 6.4.2_stable_48 6.4.2_stable_48
Cpanel Cpanel 7.0 7.0
Cpanel Cpanel 8.0 8.0
Cpanel Cpanel 9.0 9.0
Cpanel Cpanel 9.1 9.1

References