Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
swsoft plesk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4892
Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote malicious users to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3.
Swsoft Plesk 8.1.1
Swsoft Plesk 8.2
Swsoft Plesk 7.6.1
Swsoft Plesk 8.1
1 EDB exploit
NA
CVE-2007-2268
Multiple directory traversal vulnerabilities in SWsoft Plesk for Windows 7.6.1, 8.1.0, and 8.1.1 allow remote malicious users to read arbitrary files via a .. (dot dot) in the locale_id parameter to (1) login.php3 or (2) login_up.php3.
Swsoft Plesk 7.6.1
Swsoft Plesk 8.1.0
Swsoft Plesk 8.1.1
1 EDB exploit
NA
CVE-2006-6451
Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk 8.0.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) get_password.php or (2) login_up.php3.
Swsoft Plesk
Swsoft Plesk 7.5
2 EDB exploits
NA
CVE-2007-2269
Directory traversal vulnerability in top.php3 in SWsoft Plesk for Windows 8.1 and 8.1.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the locale_id parameter.
Swsoft Plesk 8.1.0
Swsoft Plesk 8.1.1
NA
CVE-2004-2702
Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded allows remote malicious users to inject arbitrary web script or HTML via the login_name parameter. NOTE: this might be the same vector as CVE-2006-6451.
Swsoft Plesk 7.0
Swsoft Plesk 7.1
1 EDB exploit
NA
CVE-2006-5028
Directory traversal vulnerability in filemanager/filemanager.php in SWsoft Plesk 7.5 Reload and Plesk 7.6 for Microsoft Windows allows remote malicious users to list arbitrary directories via a ../ (dot dot slash) in the file parameter in a chdir action.
Swsoft Plesk 7.6
Swsoft Plesk Reload 7.5
1 EDB exploit
NA
CVE-2006-3737
Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the file parameter.
Swsoft Plesk Control Panel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started