CVE-2006-5014

high-risk
Published 2006-09-27

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.

Do I need to act?

~
2.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
2466
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (19)

Affected Vendors

Cpanel

References (10)

http://changelog.cpanel.net/?build=&showall=1
http://forums.cpanel.net/showthread.php?t=58134
Patch http://secunia.com/advisories/22072
http://securitytracker.com/id?1016913
http://www.securityfocus.com/bid/20163
http://changelog.cpanel.net/?build=&showall=1
http://forums.cpanel.net/showthread.php?t=58134
Patch http://secunia.com/advisories/22072
http://securitytracker.com/id?1016913
http://www.securityfocus.com/bid/20163
62
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 13/34 · Low
Exposure 19/34 · Moderate