CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2004-1849
https://notcve.org/view.php?id=CVE-2004-1849
24 Mar 2004 — Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html. • http://marc.info/?l=bugtraq&m=108006627005371&w=2 •
CVSS: 10.0EPSS: 26%CPEs: 12EXPL: 4CVE-2004-1769 – cPanel 5/6/7/8/9 - Resetpass Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1769
11 Mar 2004 — The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass. • https://www.exploit-db.com/exploits/23804 •
CVSS: 10.0EPSS: 43%CPEs: 12EXPL: 3CVE-2004-1770 – cPanel 5/6/7/8/9 - Login Script Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1770
11 Mar 2004 — The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter. • https://www.exploit-db.com/exploits/23807 •