Home/Product/parallels plesk panel
Product

parallels plesk panel

42 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2019-18793
all versions
Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter.
6.1MEDIUM
 CVE-2013-4878
all versions
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper
 CVE-2013-0133
all versions
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gai
 CVE-2013-0132
all versions
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remot
 CVE-2012-1557
all versions
SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x before 8.6 MU#2, 9.x before 9.5 M
 CVE-2011-4856
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, whi
 CVE-2011-4855
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain r
 CVE-2011-4854
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corres
 CVE-2011-4853
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes an RFC 1918 IP address within a web page, which allows
 CVE-2011-4852
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates web pages containing external links in response to GE
 CVE-2011-4851
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocompl
 CVE-2011-4850
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not include the HTTPOnly flag in a Set-Cookie header for a
 CVE-2011-4849
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for a cookie in an https session,
 CVE-2011-4848
all versions
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password within an HTTP response body, whi
 CVE-2011-4847
all versions
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execu
 CVE-2011-4777
all versions
Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Panel 10.4.4_build2011110
 CVE-2011-4776
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allow re
 CVE-2011-4749
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form field without disabling the autoc
 CVE-2011-4748
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 has web pages containing e-mail addresses that are not inte
 CVE-2011-4747
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not prevent the use of weak ciphers for SSL sessions,
 CVE-2011-4746
all versions
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easie
 CVE-2011-4745
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allo
 CVE-2011-4744
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, wh
 CVE-2011-4743
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain
 CVE-2011-4742
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 has web pages containing e-mail addresses that are not intende
 CVE-2011-4741
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection string within a web page, which
 CVE-2011-4740
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to G
 CVE-2011-4739
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomp
 CVE-2011-4738
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 does not include the HTTPOnly flag in a Set-Cookie header for
 CVE-2011-4737
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a submitted password within an HTTP response body, wh
 CVE-2011-4736
all versions
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remo
 CVE-2011-4735
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow r
 CVE-2011-4734
all versions
Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attacke
 CVE-2011-4733
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect Content-Type headers for certai
 CVE-2011-4732
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset paramet
 CVE-2011-4731
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1918 IP address within a web pa
 CVE-2011-4730
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabli
 CVE-2011-4729
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Coo
 CVE-2011-4728
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not set the secure flag for a cookie in an
 CVE-2011-4727
all versions
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is
 CVE-2011-4726
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build101111
 CVE-2011-4725
all versions
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh