漏洞标题
N/A
漏洞描述信息
Parallels Plesk Panel 10.4.4_build20111103.18 的控制台包含在HTTP响应体中提交的隐私密码,这允许远程攻击者通过监听网络来获取敏感信息,例如在客户端@1/域名@1/备份/本地存储库/中的某些文件的密码处理。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password within an HTTP response body, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by password handling in certain files under client@1/domain@1/backup/local-repository/.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Parallels Plesk Panel信息泄露漏洞
漏洞描述信息
Parallels Plesk Panel 10.4.4_build20111103.18版本的Control Panel中存在漏洞,其在HTTP应答体中包含提交密码。远程攻击者可通过嗅探网络获取敏感信息,该漏洞已在client@1/domain@1/backup/local-repository/目录下的某些文件的密码中被证实。
CVSS信息
N/A
漏洞类别
信息泄露