RSS   Vulnerabilities for 'Parallels virtuozzo'   RSS

2009-03-16
 
CVE-2008-6479

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd.

 

 >>> Vendor: Parallels 11 Products
H-sphere
Plesk
Confixx
Parallels desktop
Virtuozzo containers
Parallels virtuozzo
Parallels plesk panel
Parallels plesk small business panel
Parallels small business panel
Remote application server
Parallels


Copyright 2024, cxsecurity.com

 

Back to Top