CVE-2011-4763 Information

Description

Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script as demonstrated by Wizard/Edit/Html and certain other files.

Reference

http://xss.cx/examples/plesk-reports/plesk-10.2.0-site-editor.html https://exchange.xforce.ibmcloud.com/vulnerabilities/72215