SQL Injection vulnerability in Plesk API is now completely fixed!
Feb15
Plesk Service team is pleased to inform you the vulnerability has been completely fixed in most versions of the Plesk. Plesk 10.x are completely covered by Micro-updates. Plesk 8.6 and 9.5 on Linux are also fixed by Micro-updates. For other version Custom Fixes are available.
Please refer to http://kb.parallels.com/en/113321.