Remote Code Disclosure in Parallels Plesk Small Business Panel 10.2.0
CVE-2011-4766 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment
Learn more about our Web Application Penetration Testing UK.