• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Plesk Injection Vulnerability

M

MichaeC

Guest
We installed the necessary patches on 9.5.4 last night, and this morning STILL saw some logins to accounts.

Need to know the following:

1. How did they get the usernames to begin with?
2. Do they have the passwords now?
3. How are they still doing this?

The log is not showing much that they did when logging in or even if they got in at all using the API (the one in logs under admin)

Need more information about this..
 
MichaeC said:
We installed the necessary patches on 9.5.4 last night, and this morning STILL saw some logins to accounts.

Need to know the following:

1. How did they get the usernames to begin with?
2. Do they have the passwords now?
3. How are they still doing this?

The log is not showing much that they did when logging in or even if they got in at all using the API (the one in logs under admin)

Need more information about this..
Click to expand...

See here: http://forum.parallels.com/showthread.php?p=616004#post616004
 
You must log in or register to reply here.

Similar threads

M
Resolved Webmail Broken After Update to 18.0.61.5
Replies
7
Views
871
MacGyver
M
M
Issue My plesk server is completely down
Replies
8
Views
2K
Kaspar@Plesk
Kaspar@Plesk
D
Question Service Unavailable port 8443 Plesk Not Working
Replies
1
Views
467
Kaspar@Plesk
Kaspar@Plesk
C
Issue Errors with Plesk scheduled backups
Replies
2
Views
780
cmartinez127
C
Polli
Resolved Debian 12 upgrade not completed. Whats next?
Replies
6
Views
2K
Polli
Polli
Back
Top