Lucene search
K

618 matches found

CVE
CVE
added 2006/09/27 11:0 p.m.45 views

CVE-2006-5028

CVE-2006-5028 : A directory traversal flaw exists in SWsoft Plesk 7.5 Reload and Plesk 7.6 for Windows, in filemanager/filemanager.php, where a crafted file parameter using ../ in a chdir action lets remote attackers list arbitrary directories. This is documented in the NVD entries, with the impa...

5CVSS7.1AI score0.46478EPSS
Exploits1References6Affected Software2
Cvelist
Cvelist
added 2006/09/27 11:0 p.m.16 views

CVE-2006-5028

Directory traversal vulnerability in filemanager/filemanager.php in SWsoft Plesk 7.5 Reload and Plesk 7.6 for Microsoft Windows allows remote attackers to list arbitrary directories via a ../ dot dot slash in the file parameter in a chdir action...

6.8AI score0.46478EPSS
Exploits1References6
securityvulns
securityvulns
added 2006/09/23 12:0 a.m.36 views

[PLESK 7.5 Reload] & [PLESK 7.6 for MS Windows] path passing and disclosure vulnerability

/-------------------------------------- PLESK 7.5 Reload and lower & PLESK 7.6 for M$ Windows path passing and disclosure Discovered By: GuanYu Email: [email protected] Website: HVA http://www.vnhacker.org --------------------------------------/ -| Description: |- PLESK is a powerful web control...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2006/09/22 12:0 a.m.13 views

PLESK 7.57.6 - FileManager.php Directory Traversal

PLESK 7.57.6 - FileManager.php Directory Traversal source: https://www.securityfocus.com/bid/20155/info PLESK is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...

Exploits0
Exploit DB
Exploit DB
added 2006/09/22 12:0 a.m.17 views

PLESK 7.5/7.6 - 'FileManager.php' Directory Traversal

source: https://www.securityfocus.com/bid/20155/info PLESK is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/07/24 12:0 a.m.126 views

Plesk Control Panel <= 8.0.0 XSS vulnerability

Product: Plesk control panel Version: = 8.0.0 Vendor: SWSoft Inc. URL: http://www.swsoft.com/en/products/plesk/ VULNERABILITY CLASS: XSS Product Description Plesk is comprehensive server management software developed specifically for the Hosting Service Industry with the assistance of Web hosting...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/07/20 12:0 a.m.39 views

plesk800.txt

Product: Plesk control panel Version: alert; Credits INVENT...

7.4AI score
Exploits0
CVE
CVE
added 2006/07/19 11:0 p.m.49 views

CVE-2006-3737

CVE-2006-3737 describes a cross-site scripting (XSS) vulnerability in the filemanager/filemanager.php component of the SWsoft Plesk control panel (version 8.0 and earlier). The issue arises when an authenticated user supplies a crafted file parameter, allowing injection of arbitrary web script or...

4.3CVSS5.5AI score0.01196EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2702

Cross-site scripting XSS vulnerability in loginup.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the loginname parameter. NOTE: this might be the same vector as CVE-2006-6451...

4.3CVSS5.6AI score0.01926EPSS
Exploits1References8
securityvulns
securityvulns
added 2004/08/30 12:0 a.m.30 views

[SA12368] Plesk "login_name" Cross-Site Scripting Vulnerability

TITLE: Plesk "loginname" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12368 VERIFY ADVISORY: http://secunia.com/advisories/12368/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Plesk 7.x http://secunia.com/product/3833/ DESCRIPTION: Sourvivor has...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/25 12:0 a.m.448 views

Plesk Reloaded login_up.php3 login_name Parameter XSS

The remote host is running Plesk Reloaded from SWsoft, a web-based system administration tool. The remote version of this software is vulnerable to a cross-site scripting attack because of its failure to sanitize user input to the 'loginname' parameter of the 'loginup.php3' script. This issue can...

4.3CVSS5.7AI score0.01926EPSS
Exploits1References2
exploitpack
exploitpack
added 2004/08/24 12:0 a.m.15 views

SWsoft Plesk Reloaded 7.1 - Login_name Cross-Site Scripting

SWsoft Plesk Reloaded 7.1 - Loginname Cross-Site Scripting source: https://www.securityfocus.com/bid/11024/info It is reported that Plesk Reloaded may be affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI inpu...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2004/08/24 12:0 a.m.42 views

SWsoft Plesk Reloaded 7.1 - 'Login_name' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11024/info It is reported that Plesk Reloaded may be affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a...

7.4AI score
Exploits0
NVD
NVD
added 2002/03/25 5:0 a.m.19 views

CVE-2001-1222

Plesk Server Administrator PSA 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain...

5CVSS6.9AI score0.01601EPSS
Exploits0References3
CVE
CVE
added 2002/03/15 5:0 a.m.50 views

CVE-2001-1222

Plesk Server Administrator (PSA) 1.0 is affected by CVE-2001-1222: remote attackers can obtain PHP source code by issuing an HTTP request that includes the target IP address and a valid domain account name. The vulnerability is documented in NVD with a medium impact score (CVSSv2: AV:N/AC:L/Au:N/...

5CVSS7.3AI score0.01601EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.25 views

CVE-2001-1222

Plesk Server Administrator PSA 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain...

6.9AI score0.01601EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2001/12/26 12:0 a.m.34 views

twlc-adv-plesk211201.txt

twlc security divison 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server admnistrator used by LOTS of web hosting companies to make easy the menagement of the server. Its a really cool software!! i work with it. This bug allows you to read the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/12/22 12:0 a.m.23 views

twlc advisory: plesk (psa) allows reading of .php files

twlc security divison 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server admnistrator used by LOTS of web hosting companies to make easy the menagement of the server. Its a really cool software!! i work with it. This bug allows you to read the...

7AI score
Exploits0
Rows per page
Query Builder