SQL Injection Vulnerability in Parallels Plesk Small Business Panel 10.2.0
CVE-2011-4753

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Small Business Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4753?

The Parallels Plesk Small Business Panel 10.2.0 is susceptible to multiple SQL injection vulnerabilities that allow remote attackers to inject and execute arbitrary SQL commands through manipulated input fields in PHP scripts. Notable affected entry points include 'domains/sitebuilder_edit.php', among others. This exploit can compromise the integrity of the database, potentially leading to unauthorized data manipulation or exposure, necessitating immediate security measures for users relying on this platform.

References

http://xss.cx/examples/plesk-reports/plesk-10.2.0.html

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/72205

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011