Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files.
CPE | Name | Operator | Version |
---|---|---|---|
parallels_plesk_small_business_panel | eq | 10.2.0 |