Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files.
https://exchange.xforce.ibmcloud.com/vulnerabilities/72215
http://xss.cx/examples/plesk-reports/plesk-10.2.0-site-editor.html