fengcool.com

SQL Injection vulnerability on Plesk 8.2.0

September 24, 2007 at 1:58 pm · Filed under Linux

I just read this one from SWsoft forum.

There is a SQL injection vulnerable security hole exists on Plesk 8.x.x. Yes, it’s even on 8.2.0, which is the latest stable version.

It’s /usr/local/psa/admin/plib/class.Session.php.

Here’s the fix.