Parallels: >> Parallels Plesk Panel >> 11.0.9 Security Vulnerabilities
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable.
CVSS Score
7.2
EPSS Score
0.001
Published
2013-04-18
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables.
CVSS Score
6.8
EPSS Score
0.005
Published
2013-04-18