Back to search
CVE-2013-4878
Published: Jul 18, 2013
Modified: Sep 16, 2024
PUBLISHED
Description
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper ScriptAlias directive for phppath, which makes it easier for remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2012-1823.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20130605 Plesk Apache Zeroday Remote Exploit
mailing-list
x_refsource_FULLDISC
VU#673343
third-party-advisory
x_refsource_CERT-VN
http://kb.parallels.com/116241
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now