SQL Injection Vulnerabilities in Parallels Plesk Panel by Parallels
CVE-2011-4725

Currently unrated

Key Information:

Vendor

Parallels

Vendor
CVE Published:
16 December 2011

What is CVE-2011-4725?

The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 is exposed to multiple SQL injection vulnerabilities. These flaws enable remote attackers to manipulate SQL queries through specially crafted input to certain PHP scripts, including login_up.php3. Successful exploitation could lead to unauthorized access and execution of arbitrary SQL commands, posing serious security risks to users by compromising sensitive data.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.