Описание
Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:parallels:parallels_plesk_small_business_panel:10.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00314
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files.
EPSS
Процентиль: 54%
0.00314
Низкий
7.5 High
CVSS2
Дефекты
CWE-89