WebPros Plesk 安全漏洞

WebPros Plesk is a web hosting platform from WebPros, Inc. A security vulnerability exists in WebPros Plesk versions prior to 18.0.73.5 and versions prior to 18.0.74 through 18.0.74.2, which stems from a flaw in the domain creation functionality that could lead to remote code execution...

CVE-2025-66431

WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management."...

EUVD-2004-2692

Malware in sbrugna...

EUVD-2008-6943

Malware in sbrugna...

Plesk 跨站脚本漏洞

Parallels Plesk Panel is a control panel for the Plesk web hosting platform from Parallels USA. A security vulnerability exists in Plesk. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

SWSoft Plesk <= 8.2 - login.php3 PLESKSESSID Cookie SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/25646/info Plesk is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. Exploiting these issues could allow an attacker to compromis...

plesk-auth.txt

Hello, the reported vulnerability allows logins to mail and probably other services protected by plesk authentication modules on at least the current Plesk 8.6.0 Unix/Linux and could eg. be used for relaying spam through gained smtp auth priviledges. Only systems which allow short mail login name...

plesk 8.1.1 - &#039;login.php3&#039; Directory Traversal

source: https://www.securityfocus.com/bid/23639/info Plesk is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected...

CVE-2004-2702

Cross-site scripting XSS vulnerability in loginup.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the loginname parameter. NOTE: this might be the same vector as CVE-2006-6451...

twlc-adv-plesk211201.txt

twlc security divison 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server admnistrator used by LOTS of web hosting companies to make easy the menagement of the server. Its a really cool software!! i work with it. This bug allows you to read the...

twlc advisory: plesk &#40;psa&#41; allows reading of .php files

twlc security divison 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server admnistrator used by LOTS of web hosting companies to make easy the menagement of the server. Its a really cool software!! i work with it. This bug allows you to read the...