Information Disclosure in Parallels Plesk Panel by Parallels
CVE-2011-4731

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4731?

The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 contains a security flaw that inadvertently reveals RFC 1918 IP addresses within web pages. This exposure can enable remote attackers to access sensitive information by reading specific files, like admin/home/admin. Proper safeguards are essential to mitigate this risk and protect sensitive data within web applications.

References

http://xss.cx/examples/plesk-reports/plesk-redhat-el6-psa...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 16, 2011