Lucene search
K
SwsoftPlesk

6 matches found

CVE
CVE
added 2007/10/06 9:0 p.m.63 views

CVE-2004-2702

CVE-2004-2702 is a cross-site scripting (XSS) vulnerability in SWsoft Plesk Reloaded's login_up.php3, exploitable via the login_name parameter. Affected are Plesk 7.0 and 7.1 Reloaded; root cause: failure to sanitize input to login_name. Impact: remote attacker can inject arbitrary script visible...

4.3CVSS5.7AI score0.01926EPSS
CVE
CVE
added 2007/04/25 8:0 p.m.58 views

CVE-2007-2268

CVE-2007-2268 : Multiple directory traversal vulnerabilities affect SWsoft Plesk for Windows (versions 7.6.1, 8.1.0, 8.1.1). The issue arises from unsafely handling the locale_id parameter in login.php3, login_up.php3 (and top.php3 per NASL) which allows an unauthenticated attacker to read arbitr...

5CVSS6.9AI score0.03514EPSS
CVE
CVE
added 2007/09/14 6:0 p.m.56 views

CVE-2007-4892

CVE-2007-4892 describes multiple SQL injection vulnerabilities in SWSoft Plesk versions 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows. The underlying issue is SQL injection via the PLESKSESSID cookie, exploitable through (1) login.php3 and (2) auth.php3, allowing remote attackers to execute arbitrar...

7.5CVSS8.6AI score0.01216EPSS
CVE
CVE
added 2006/12/10 9:0 p.m.49 views

CVE-2006-6451

SWsoft Plesk 8.0.1 and earlier are affected by multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to get_password.php or login_up.php3. The issue is documented across CVE-2006-6451, with CVSSv2 base metrics indicating a mediu...

6.8CVSS6.1AI score0.02268EPSS
CVE
CVE
added 2007/04/25 8:0 p.m.49 views

CVE-2007-2269

CVE-2007-2269 affects SWsoft Plesk for Windows versions 8.1 and 8.1.1. It is a directory traversal vulnerability in top.php3 that allows remote attackers to read arbitrary files by supplying .. in the locale_id parameter. Exploitation details, affected versions beyond the listed ones, and remedia...

5CVSS6.7AI score0.01439EPSS
CVE
CVE
added 2006/09/27 11:0 p.m.45 views

CVE-2006-5028

CVE-2006-5028 : A directory traversal flaw exists in SWsoft Plesk 7.5 Reload and Plesk 7.6 for Windows, in filemanager/filemanager.php, where a crafted file parameter using ../ in a chdir action lets remote attackers list arbitrary directories. This is documented in the NVD entries, with the impa...

5CVSS7.1AI score0.46478EPSS