PT-2002-1099 · Plesk · Plesk Server Administrator

Published

2002-03-15

Updated

2008-09-05

CVE-2001-1222

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Plesk Server Administrator (PSA) version 1.0

Description The issue allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain.

Recommendations For Plesk Server Administrator (PSA) version 1.0, consider restricting access to sensitive PHP files until a patch is available. As a temporary workaround, limit the exposure of account names and IP addresses to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1222

Affected Products

Plesk Server Administrator

PT-2002-1099 · Plesk · Plesk Server Administrator

CVE-2001-1222

Related Identifiers

Affected Products

References · 5