|
295151
|
- |
|
parallels
|
parallels_plesk_panel
|
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which…
|
CWE-200
Information Exposure
|
CVE-2011-4748
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295152
|
- |
|
parallels
|
parallels_plesk_panel
|
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not prevent the use of weak ciphers for SSL sessions, which makes it easier for remote attackers to defeat cryptographic pr…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4747
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295153
|
- |
|
parallels
|
parallels_plesk_panel
|
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easier for remote attackers to conduct spoofing attacks by leveraging prot…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4746
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295154
|
- |
|
parallels
|
parallels_plesk_panel
|
Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allow remote attackers to inject arbitrary web script or HTML via crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4745
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295155
|
- |
|
parallels
|
parallels_plesk_panel
|
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by lev…
|
NVD-CWE-Other
|
CVE-2011-4744
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295156
|
- |
|
parallels
|
parallels_plesk_panel
|
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified …
|
NVD-CWE-Other
|
CVE-2011-4743
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295157
|
- |
|
parallels
|
parallels_plesk_panel
|
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which al…
|
CWE-200
Information Exposure
|
CVE-2011-4742
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295158
|
- |
|
parallels
|
parallels_plesk_panel
|
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection string within a web page, which allows remote attackers to obtain potentially sensitive information …
|
CWE-200
Information Exposure
|
CVE-2011-4741
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295159
|
- |
|
parallels
|
parallels_plesk_panel
|
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to GET requests with query strings for smb/app/search-data/catalogId/mark…
|
CWE-200
Information Exposure
|
CVE-2011-4740
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295160
|
- |
|
parallels
|
parallels_plesk_panel
|
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass au…
|
CWE-255
Credentials Management
|
CVE-2011-4739
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
