CVE-2018-20887 (v3: 9.8)
1 Aug 2019
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).