Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
parallels vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4758
Parallels Plesk Small Business Panel 10.2.0 receives cleartext password input over HTTP, which allows remote malicious users to obtain sensitive information by sniffing the network, as demonstrated by forms in smb/auth and certain other files.
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2011-4759
Parallels Plesk Small Business Panel 10.2.0 generates web pages containing external links in response to GET requests with query strings for client@1/domain@1/hosting/file-manager/ and certain other files, which makes it easier for remote malicious users to obtain sensitive infor...
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2011-4760
Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote malicious users to obtain potentially sensitive information by reading a page, as demonstrate...
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2011-4764
Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote malicious users to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Wizard/Edit/Mo...
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2011-4767
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote malicious users to obtain potentially sensitive ...
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2011-4768
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote malicious users to have an unspecified impact by leveraging an interpretation conflict i...
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2011-4762
Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Type headers for certain resources, which might allow remote malicious users to have an unspecified impact by leveraging an interpretation conflict involving smb/app/top-categories-data/ and certain other files. ...
Parallels Parallels Plesk Small Business Panel 10.2.0
NA
CVE-2008-6465
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote malicious users to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters.
Parallels H-sphere 3.0.0
Parallels H-sphere 3.1
NA
CVE-2008-6478
Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote malicious users to create and delete arbitrary files as the admini...
Parallels Virtuozzo Containers 4.0.0-365.6.swsoft
Parallels Virtuozzo Containers 3.0.0-25.4.swsoft
1 EDB exploit
NA
CVE-2007-1222
Parallels Desktop for Mac prior to 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing ...
Parallels Parallels Desktop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »