CVE-2013-0132
Parallels Plesk Panel 11.0.9 - Remote Code Execution via suexec CGI Wrapper
Title source: llmDescription
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables.
References (1)
Core 1
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/310500
Scores
EPSS
0.0126
EPSS Percentile
66.0%
Details
CWE
CWE-94
Status
published
Products (1)
parallels/parallels_plesk_panel
11.0.9
Published
Apr 18, 2013
Tracked Since
Feb 18, 2026