CVE-2007-4892

2007-09-1418:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.002

Percentile

51.8%

JSON

Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3.

References

kb.swsoft.com/en/2159

marc.info/?l=bugtraq&m=118960991517910&w=2

secunia.com/advisories/26741

www.osvdb.org/37009

www.securityfocus.com/bid/25646

exchange.xforce.ibmcloud.com/vulnerabilities/36580