Security Advisory

CVE-2013-0132

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-04-18 18:00:00

Last updated 2024-09-17 00:45:53

Assigner certcc

State PUBLISHED

Description

The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables.

← Browse all CVEs View on cve.org ↗