Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
parallels vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5817
prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.
Parallels Parallels Desktop Build 1940
NA
CVE-2007-4009
PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 up to and including 3.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the thisdir parameter.
Parallels Confixx 3.3.1
Parallels Confixx 2.0.12
1 EDB exploit
NA
CVE-2011-4725
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote malicious users to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by login_up.php3 and certain other files.
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4726
Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote malicious users to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/health/ and ce...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4727
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote malicious users to cause a denial of service (parsing error) or possibly have unspecified...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4728
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session, as de...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4729
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4730
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote malicious users to bypass authentication by leveraging an unattended workstation, as dem...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4731
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1918 IP address within a web page, which allows remote malicious users to obtain potentially sensitive information by reading this page, as demonstrated by admin/home/admin and cert...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4732
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote malicious users to have an unspecified impact by leveraging an interpretation conflict involvi...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »