SQL Injection Vulnerability in Parallels Plesk Panel by Parallels
CVE-2011-4847

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4847?

An SQL injection vulnerability exists in the Control Panel of Parallels Plesk Panel, allowing remote attackers to execute arbitrary SQL commands. This security flaw is triggered via manipulation of the certificateslist cookie, which can lead to unauthorized database access and potential data compromise.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72222

vdb-entryx_refsource_XF

http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4....

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 15, 2011