EUVD-2007-4873

Malware in sbrugna...

Sql injection

Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to 1 login.php3 or 2 auth.php3...

SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection

source: https://www.securityfocus.com/bid/25646/info Plesk is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. Exploiting these issues could allow an attacker to compromise the application, access or modif...