Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4763

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-4763
Last Modified 17 Jan 2012 11:16:16
Published 16 Dec 2011 06:55:11
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4763

Summary

Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files.

Vulnerable Systems

Application

  • Parallels Plesk Small Business Panel 10.2.0


References

MISC - http://xss.cx/examples/plesk-reports/plesk-10.2.0-site-editor.html

XF - ppsbp-se-multiple-sql-injection(72215)


Last Updated: 27 May 2016 10:57:56