Remote Code Execution Vulnerability in Parallels Plesk Panel and Small Business Panel
CVE-2013-4878

Currently unrated

Key Information:

Vendor

Parallels

Status
Parallels Plesk Panel
Parallels Small Business Panel
Vendor
CVE Published:
18 July 2013

What is CVE-2013-4878?

The default configuration of Parallels Plesk Panel versions 9.0.x and 9.2.x, as well as Small Business Panel 10.x, on UNIX systems is susceptible to a remote code execution vulnerability. This issue arises from an improper ScriptAlias directive for phppath, allowing attackers to execute arbitrary code through specially crafted requests. This vulnerability poses significant risks to server integrity and user data security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2013/Jun/21
mailing-listx_refsource_FULLDISC
http://www.kb.cert.org/vuls/id/673343
third-party-advisoryx_refsource_CERT-VN
http://kb.parallels.com/116241
x_refsource_CONFIRM

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.