Plesk Injection Vulnerability

MichaeC · Feb 17, 2012

We installed the necessary patches on 9.5.4 last night, and this morning STILL saw some logins to accounts.

Need to know the following:

1. How did they get the usernames to begin with?
2. Do they have the passwords now?
3. How are they still doing this?

The log is not showing much that they did when logging in or even if they got in at all using the API (the one in logs under admin)

Need more information about this..

Blake@Parallels · Feb 18, 2012

MichaeC said:
We installed the necessary patches on 9.5.4 last night, and this morning STILL saw some logins to accounts.

Need to know the following:

1. How did they get the usernames to begin with?
2. Do they have the passwords now?
3. How are they still doing this?

The log is not showing much that they did when logging in or even if they got in at all using the API (the one in logs under admin)

Need more information about this..

See here: http://forum.parallels.com/showthread.php?p=616004#post616004

Plesk Injection Vulnerability

MichaeC

Guest

Blake@Parallels

Regular Pleskian

Similar threads