Vulnerabilities > CVE-2007-2268 - Directory Traversal vulnerability in Swsoft Plesk 7.6.1/8.1.0/8.1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Multiple directory traversal vulnerabilities in SWsoft Plesk for Windows 7.6.1, 8.1.0, and 8.1.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the locale_id parameter to (1) login.php3 or (2) login_up.php3.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Plesk 8.1.1 Login.PHP3 Directory Traversal Vulnerability. CVE-2007-2268. Webapps exploit for php platform |
| id | EDB-ID:29898 |
| last seen | 2016-02-03 |
| modified | 2007-04-25 |
| published | 2007-04-25 |
| reporter | anonymous |
| source | https://www.exploit-db.com/download/29898/ |
| title | plesk <= 8.1.1 login.php3 - Directory Traversal Vulnerability |
Nessus
| NASL family | CGI abuses |
| NASL id | PLESK_LOCALE_ID_TRAVERSAL.NASL |
| description | The remote host is running Plesk, a control panel used to administer and manage websites. The version of Plesk installed on the remote host fails to sanitize user-supplied input to the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 25090 |
| published | 2007-04-27 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/25090 |
| title | Plesk Multiple Script locale_id Parameter Traversal Arbitrary File Access |