CVE Assignments for Parallels Panel for Windows Version 11.5.30
Parallels Panel for Windows Version 11.5.30 contains multiple Vulnerabilities which may lead to SQL Injection and Priv Escalation.
Author: Hoyt LLC
Date: August 12, 2014
Subject: CVE Assignments for Parallels Panel for Windows Version 11.5.30
- CVE-2014-2546 Multiple Unspecified Parameterized XSS Vulnerabilities (CWE-79) requiring Authentication
- CVE-2014-2547 Multiple Unspecified Parameterized Information Disclosure Vulnerabilities (CWE-200) requiring Authentication
- CVE-2014-2548 Multiple Unspecified Parameterized SQL Injection Vulnerabilities (CWE-89) requiring Authentication
All Parallels Panel for Windows Version 11.5.30 customers should UPGRADE to Plesk Panel Version 12 from within your Panel.
To be published once a reasonable amount of time has elapsed to permit upgrades by Exploitable Sites.