CVE-2006-5014
published 2006-09-27CVE-2006-5014: Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and…
PriorityP339high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
3.87%
88.9th percentile
Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
| cpanel | cpanel | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
cPanel up to 10.8.2 118 privilege escalation (EDB-2466 / BID-20163)
vuldb·2026-04-23·CVSS 8.8
CVE-2006-5014 [HIGH] cPanel up to 10.8.2 118 privilege escalation (EDB-2466 / BID-20163)
A vulnerability categorized as critical has been discovered in cPanel. This affects an unknown part. Such manipulation leads to privilege escalation.
This vulnerability is traded as CVE-2006-5014. The attack may be launched remotely. Furthermore, there is an exploit available.
It is advisable to upgrade the affected component.
GHSA
GHSA-cj38-v6qv-2jpj: Unspecified vulnerability in cPanel before 10
ghsa_unreviewed·2022-05-01
CVE-2006-5014 [HIGH] CWE-276 GHSA-cj38-v6qv-2jpj: Unspecified vulnerability in cPanel before 10
Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
No detection rules found.
No writeups or analysis indexed.
http://changelog.cpanel.net/?build=&showall=1http://forums.cpanel.net/showthread.php?t=58134http://secunia.com/advisories/22072http://securitytracker.com/id?1016913http://www.securityfocus.com/bid/20163http://changelog.cpanel.net/?build=&showall=1http://forums.cpanel.net/showthread.php?t=58134http://secunia.com/advisories/22072http://securitytracker.com/id?1016913http://www.securityfocus.com/bid/20163
2006-09-27
Published