Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
parallels vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0132
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote malicious users to execute arbitrary PHP code via a request containing crafted environment variables.
Parallels Parallels Plesk Panel 11.0.9
NA
CVE-2013-0133
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable.
Parallels Parallels Plesk Panel 11.0.9
NA
CVE-2012-5004
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote malicious users to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create...
Parallels H-sphere 3.3
NA
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP prior to 5.3.12 and 5.4.x prior to 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to execute arbitrary code by placing command-line...
Php Php
Php Php 5.3.10
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.3.4
Php Php 5.3.9
Php Php 5.3.8
Php Php 5.3.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.15
Php Php 5.2.16
4 EDB exploits
2 Nmap scripts
17 Github repositories
1 Article
NA
CVE-2012-1557
SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x prior to 8.6 MU#2, 9.x prior to 9.5 MU#11, 10.0.x before MU#13, 10.1.x before MU#22, 10.2.x before MU#16, and 10.3.x before MU#5 allows remote malicious users to execute arbitrary SQL...
Parallels Parallels Plesk Panel 7.0
Parallels Parallels Plesk Panel 8.6
Parallels Parallels Plesk Panel 7.6.1
Parallels Parallels Plesk Panel 8.0
Parallels Parallels Plesk Panel 8.3
Parallels Parallels Plesk Panel 8.4
Parallels Parallels Plesk Panel 8.1
Parallels Parallels Plesk Panel 8.2
Parallels Parallels Plesk Panel 9.0
Parallels Parallels Plesk Panel 9.2
Parallels Parallels Plesk Panel 9.5.4
Parallels Parallels Plesk Panel 9.3
Parallels Parallels Plesk Panel 9.5
Parallels Parallels Plesk Panel 10.0.1
Parallels Parallels Plesk Panel 10.1.1
Parallels Parallels Plesk Panel 10.2.0
Parallels Parallels Plesk Panel 10.3.1
NA
CVE-2011-4726
Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote malicious users to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/health/ and ce...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4730
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote malicious users to bypass authentication by leveraging an unattended workstation, as dem...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4731
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1918 IP address within a web page, which allows remote malicious users to obtain potentially sensitive information by reading this page, as demonstrated by admin/home/admin and cert...
Parallels Parallels Plesk Panel 10.2.0 Build1011110331.18
NA
CVE-2011-4734
Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote malicious users to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by file-manager/ and certain other files.
Parallels Parallels Plesk Panel 10.2.0 Build20110407.20
NA
CVE-2011-4736
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remote malicious users to obtain sensitive information by sniffing the network, as demonstrated by forms in login_up.php3 and certain other files.
Parallels Parallels Plesk Panel 10.2.0 Build20110407.20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »