SQL Injection Vulnerability in Parallels Plesk Panel Products
CVE-2012-1557

Currently unrated

Key Information:

Vendor

Parallels

Status
Parallels Plesk Panel
Vendor
CVE Published:
12 March 2012

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2012-1557?

A SQL injection vulnerability exists in the Plesk Panel's Admin API that permits remote attackers to execute arbitrary SQL commands through unvalidated input. This flaw was notably exploited in the wild as of March 2012, potentially leading to unauthorized access and data manipulation. Version-specific updates were made to address this security issue, emphasizing the necessity for timely patching and awareness among users to mitigate potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2012-1557 - Proof of Concept

References

http://www.h-online.com/security/news/item/Bug-in-Plesk-a...
x_refsource_MISC
http://kb.parallels.com/en/113321
x_refsource_CONFIRM
http://www.osvdb.org/79769
vdb-entryx_refsource_OSVDB

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.