HIGH SeverityCVSS 3.18.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CVE-2026-29206

Last updated May 13, 2026 · Published May 13, 2026

Description

Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled.

Affected products

2 listed

WebPros:WP Squared; WebPros:cPanel; WebPros:cPanel (CloudLinux 6
CentOS 6)

Mappings

CWE

CWE-89

CAPEC

None listed.

Research

SQL InjectionCovers how unsafe query construction enables data theft and database compromise. Provides parameterization and…

Guides

SQL Injection Prevention with PrismaSafe patterns for raw queries and dynamic filters.

Training

Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.

CVE-2026-29206

Description

Affected products

Mappings

Related