EIP-2026-102945

PRE-CVE

Parallels PLESK 9.x - Insecure Permissions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102945. PoCs published by Nicolas Krassas.

AI-analyzed exploit summary This writeup describes an information leakage vulnerability in PLESK 9.x where backup logs contain admin passwords in plaintext due to insecure directory permissions. The logs are accessible to low-privileged users, revealing credentials used in mysqldump operations.

Description

Parallels PLESK 9.x - Insecure Permissions

Exploits (1)

exploitdb WRITEUP

by Nicolas Krassas · textlocallinux

https://www.exploit-db.com/exploits/18785

View Code ZIP pw:eip

This writeup describes an information leakage vulnerability in PLESK 9.x where backup logs contain admin passwords in plaintext due to insecure directory permissions. The logs are accessible to low-privileged users, revealing credentials used in mysqldump operations.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PLESK 9.x

No auth needed

Prerequisites: Access to the system as a low-privileged user · Presence of backup logs in /opt/psa/PMM/sessions or /usr/local/psa/PMM/sessions

MITRE ATT&CK

T1083 - File and Directory Discovery T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026