Short Name |
HTTP:SQL:INJ:PARALLEL-PLESK |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Parallels Plesk Panel SQL Injection |
Release Date |
2013/04/10 |
Update Number |
2253 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known issue in the Parallels Plesk Panel. An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
Parallels Plesk Panel is prone to an unspecified remote security vulnerability that allows attackers to gain unauthorized administrative access to the application. Attackers can exploit this issue to perform unauthorized actions on the affected application. Successfully exploiting this issue results in complete compromise of the application. Limited technical details are available at this time. We will update this BID as more information emerges. Parallels Plesk Panel versions 7.6.1 through 10.3.1 are vulnerable.