6 matches found
CVE-2011-4852
The Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 generates web pages containing external links in response to GET requests with query strings for enterprise/mobile-monitor/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by...
Cross site scripting
The Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 generates web pages containing external links in response to GET requests with query strings for enterprise/mobile-monitor/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by...
CVE-2011-4751
SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading 1 web-server access logs or 2 web-server Referer logs,...
CVE-2011-4740
The CVE-2011-4740 entry affects Parallels Plesk Panel 10.2.0 build 20110407.20. The issue is described as a cross-domain Referer leakage: the Control Panel generates web pages containing external links in response to GET requests with specific query strings (e.g., smb/app/search-data/catalogId/ma...
CVE-2011-4852
The Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 generates web pages containing external links in response to GET requests with query strings for enterprise/mobile-monitor/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by...
CVE-2009-3166
Bugzilla 3.4rc1–3.4.1 vulnerability: token.cgi places a password in the login URL after a reset, allowing context-dependent attackers to obtain passwords via web server access logs, Referer logs, or browser history. The provided documents confirm Bugzilla involvement and CVE-2009-3166, but do not...