Lucene search
K

618 matches found

OSV
OSV
added 2026/01/08 7:15 p.m.6 views

CVE-2025-65518

Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service DoS condition. The vulnerability exists in the getpassword.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service...

7.5CVSS5.8AI score0.00547EPSS
Exploits0References3
NVD
NVD
added 2026/01/08 7:15 p.m.9 views

CVE-2025-65518

Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service DoS condition. The vulnerability exists in the getpassword.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service...

7.5CVSS0.00547EPSS
Exploits0References5
CVE
CVE
added 2026/01/08 12:0 a.m.22 views

CVE-2025-65518

Plesk Obsidian (versions 8.0.1 to 18.0.73) is affected by a Denial of Service in the get_password.php endpoint. A crafted, malicious request can cause the web interface to continuously reload, rendering the service unavailable to legitimate users. Exploitation is remote and does not require authe...

7.5CVSS6.4AI score0.00547EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/08 12:0 a.m.3 views

CVE-2025-65518

Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service DoS condition. The vulnerability exists in the getpassword.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service...

6.4AI score0.00547EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.7 views

Plesk Obsidian 安全漏洞

Plesk Obsidian is a hosting control panel from the Swiss company Plesk. A security vulnerability exists in Plesk Obsidian versions 8.0.1 through 18.0.73, which stems from improper handling of malicious loads in the file getpassword.php, which could lead to a denial of service attack...

7.5CVSS6.5AI score0.00547EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.8 views

PT-2026-1848

Name of the Vulnerable Software and Affected Versions Plesk Obsidian versions 8.0.1 through 18.0.73 Description Plesk Obsidian versions 8.0.1 through 18.0.73 are susceptible to a Denial of Service DoS condition. The issue resides in the get password.php API endpoint, where a specifically crafted...

7.5CVSS6.7AI score0.00547EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/01/08 12:0 a.m.38 views

CVE-2025-65518

Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service DoS condition. The vulnerability exists in the getpassword.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service...

0.00547EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.6 views

CVE-2025-66430

Plesk 18.0 has Incorrect Access Control...

9.1CVSS7AI score0.00439EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:30 p.m.6 views

EUVD-2025-203102

Plesk 18.0 has Incorrect Access Control...

9.1CVSS6.5AI score0.00439EPSS
Exploits0References3
OSV
OSV
added 2025/12/12 4:15 p.m.5 views

CVE-2025-66430

Plesk 18.0 has Incorrect Access Control...

9.1CVSS5.8AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2025/12/12 4:15 p.m.9 views

CVE-2025-66430

Plesk 18.0 has Incorrect Access Control...

9.1CVSS0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/12 12:0 a.m.26 views

CVE-2025-66430

Plesk 18.0 has Incorrect Access Control...

0.00439EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.6 views

Plesk 安全漏洞

Plesk is a web hosting control panel from the Swiss company Plesk. A security vulnerability exists in Plesk version 18.0 that stems from improper access control...

9.1CVSS6.8AI score0.00439EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/12 12:0 a.m.3 views

CVE-2025-66430

Plesk 18.0 has Incorrect Access Control...

6.6AI score0.00439EPSS
Exploits0References2
CVE
CVE
added 2025/12/12 12:0 a.m.29 views

CVE-2025-66430

Summary: CVE-2025-66430 affects Plesk 18.0 through 18.0.74 in the Password-Protected Directories feature. An authenticated attacker with limited privileges can inject arbitrary directives into Apache configuration files, leading to root-privilege command execution and potential full server compro...

9.1CVSS6.6AI score0.00439EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/05 8:32 p.m.8 views

CVE-2025-66431

WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management."...

7.8CVSS7.8AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2025/12/03 5:15 p.m.17 views

CVE-2025-66431

WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management."...

7.8CVSS0.0022EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/03 12:0 a.m.22 views

CVE-2025-66431

WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management."...

7.8CVSS0.0022EPSS
Exploits0References3
CVE
CVE
added 2025/12/03 12:0 a.m.14 views

CVE-2025-66431

CVE-2025-66431 affects WebPros Plesk on Linux, prior to 18.0.73.5 and before 18.0.74.2 in the 18.x branch. Flaw in the domain creation mechanism allows remote authenticated users to execute arbitrary code as root when they have Create and manage sites with Domains management and Subdomains manage...

7.8CVSS7.4AI score0.0022EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/03 12:0 a.m.6 views

WebPros Plesk 安全漏洞

WebPros Plesk is a web hosting platform from WebPros, Inc. A security vulnerability exists in WebPros Plesk versions prior to 18.0.73.5 and versions prior to 18.0.74 through 18.0.74.2, which stems from a flaw in the domain creation functionality that could lead to remote code execution...

7.8CVSS7.7AI score0.0022EPSS
Exploits0References3
Rows per page
Query Builder