cPanel prior to 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191).
cpanel cpanel