CVE-2003-1425

cPanel 5.0 - Remote Code Execution via Guestbook.cgi Template Parameter

Title source: llm

Exploitation Summary

EIP tracks 4 public exploits for CVE-2003-1425. PoCs published by pokleyzz, SPAX, CaMaLeoN.

AI-analyzed exploit summary: This exploit targets a remote command execution vulnerability in cPanel's guestbook.cgi script due to insufficient sanitization of the 'template' parameter. It sends an HTTP GET request with a malicious payload to execute arbitrary commands on the server.

Description

guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.

Exploits (4)

exploitdb WORKING POC VERIFIED
by pokleyzz · perl · webapps · cgi
https://www.exploit-db.com/exploits/22263

This exploit targets a remote command execution vulnerability in cPanel's guestbook.cgi script due to insufficient sanitization of the 'template' parameter. It sends an HTTP GET request with a malicious payload to execute arbitrary commands on the server.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: cPanel version 5 and below
No auth needed
Prerequisites: Network access to the target server · cPanel version 5 or below with vulnerable guestbook.cgi
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by SPAX · perl · webapps · cgi
https://www.exploit-db.com/exploits/22262

This exploit targets a command injection vulnerability in cPanel's guestbook.cgi script (CVE-2003-1425). It allows remote command execution by injecting commands via the 'template' parameter. The script establishes a connection to the target host and executes arbitrary commands in the context of the web server.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: cPanel version 5 (and possibly earlier versions)
No auth needed
Prerequisites: Network access to the target cPanel server · The guestbook.cgi script must be accessible
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by CaMaLeoN · perl · webapps · cgi
https://www.exploit-db.com/exploits/22261

This exploit targets a command injection vulnerability in cPanel's guestbook.cgi script. It sends a crafted HTTP request with a command embedded in the 'template' parameter, allowing remote command execution on the affected server.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: cPanel version 5 (and possibly earlier versions)
No auth needed
Prerequisites: Network access to the target cPanel server · The guestbook.cgi script must be accessible
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by bob · c · webapps · cgi
https://www.exploit-db.com/exploits/22260

This exploit targets a command injection vulnerability in cPanel's guestbook.cgi script (CVE-2003-1425). It sends a crafted HTTP GET request to execute arbitrary commands on the server.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: cPanel version 5 and below
No auth needed
Prerequisites: Network access to the target server · cPanel version 5 or below with guestbook.cgi exposed
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0087.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6882
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11356

Scores

EPSS 0.1148
EPSS Percentile 95.5%

Details

CWE: CWE-20
Status: published
Products (1): cpanel/cpanel 5.0
Published: Dec 31, 2003
Tracked Since: Feb 18, 2026