CVE-2003-0521

cPanel 6.4.2 - Stored Cross-Site Scripting via Error Log or Latest Visitors Screens


Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0521. PoCs published by Ory Segal.

AI-analyzed exploit summary: This exploit demonstrates an HTML injection vulnerability in cPanel where malicious script code can be injected into requests and rendered in the browser of an administrative user when viewing logs. The provided GET request includes a simple JavaScript alert to prove the concept.

Description

Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Ory Segal · text · webapps · php
https://www.exploit-db.com/exploits/22874

Classification: Working PoC 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: cPanel (version not specified)
No auth needed
Prerequisites: Access to send HTTP requests to the target cPanel server
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Mailing List (mailing-list, x_refsource_bugtraq)
http://marc.info/?l=bugtraq&m=105760556627616&w=2

Scores

EPSS 0.0165
EPSS Percentile 73.5%

Details

Status published
Products (8)
cpanel/cpanel 5.0
cpanel/cpanel 5.3
cpanel/cpanel 6.0
cpanel/cpanel 6.2
cpanel/cpanel 6.4
cpanel/cpanel 6.4.1
cpanel/cpanel 6.4.2
cpanel/cpanel 6.4.2_stable_48
Published Aug 18, 2003
Tracked Since Feb 18, 2026