PleskLin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-1557 - Vulnerability Database

PleskLin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-1557

High
Reference: CVE-2012-1557
Title: PleskLin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x before 8.6 MU2 9.x before 9.5 MU11 10.0.x before MU13 10.1.x before MU22 10.2.x before MU16 and 10.3.x before MU5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors as exploited in the wild in March 2012.