Search Engine: Elastic

Article ID: 114080, created on Jun 8, 2012, last review on Mar 2, 2015

  • Applies to:
  • Operations Automation


On May 3rd, 2012, the PHP-CGI remote code execution vulnerability was disclosed to the general public. This is a Critical Vulnerability affecting all software that contains PHP-CGI. There is a fix and workaround for this vulnerability for POA Shared Hosting and Shared Hosting NG. But some of POA nodes may be still vulnerable because of the same issue in Web Presence Builder (WPB) integrated into POA.


All WPB instances installed into POA environment should be checked for this vulnerability.

To check if a server is vulnerable open the following URL in your browser:


The domain.tld should be replaced with URL of your PA4WP centralized instance. 

In case the server is vulnerable the page with following content will be displayed:

Your instance is affected. Please apply the fix.

If you see an empty browser screen - the server is not affected.


Upload the sw-engine-cgi-wrapper.tgz to a server that runs PA4WP centralized instance within POA system. Then execute following commands on behalf of the root user:
# tar xfz sw-engine-cgi-wrapper.tgz
# cd sw-engine-cgi-wrapper
# sh

After that check if the server is still vulnerable as already shown above.

Related articles

114058 Parallels Plesk Sitebuilder: PHP-CGI remote code execution vulnerability (CVE-2012-1823)


caea8340e2d186a540518d08602aa065 5356b422f65bdad1c3e9edca5d74a1ae e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF