L
larsm
Guest
we have been testing plesk for awhile now
we have bought plesk 7.5.4 and installed all the patches and are running it with
mail enable enterprise
on a win 2003 std.
we then had a user who we gave a account(domain user)
www.Somedomain.xx
he then installed an cms system (php)
called pMachinePro2.4 on his webhotel/webspace
after installation he went into his website (cms backend) as an cms admin an clicked on file manager button and got instant access to the hole drive incl all other domains db's and the psa db with all plesk passes and so forth THIS MY FRIENDS IS A serious security breech how do i solve this !!!! ???
i am quite chocked !!
we have bought plesk 7.5.4 and installed all the patches and are running it with
mail enable enterprise
on a win 2003 std.
we then had a user who we gave a account(domain user)
www.Somedomain.xx
he then installed an cms system (php)
called pMachinePro2.4 on his webhotel/webspace
after installation he went into his website (cms backend) as an cms admin an clicked on file manager button and got instant access to the hole drive incl all other domains db's and the psa db with all plesk passes and so forth THIS MY FRIENDS IS A serious security breech how do i solve this !!!! ???
i am quite chocked !!