5.8
CVE-2006-1407
- EPSS 2.47%
- Veröffentlicht 28.03.2006 11:06:00
- Zuletzt bearbeitet 16.06.2026 22:22:37
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) txtDomainName parameter to domains.asp or (2) SearchText or (3) UserLevel parameters to default.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webhost Automation ≫ Helm Web Hosting Control Panel Version <= 3.2.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.47% | 0.824 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
http://attrition.org/pipermail/vim/2006-March/000654.html
http://pridels0.blogspot.com/2006/03/helm-web-hosting-control-panel-xss.html
http://secunia.com/advisories/19375
http://www.osvdb.org/24125
http://www.osvdb.org/24126
http://www.securityfocus.com/bid/17263
http://www.vupen.com/english/advisories/2006/1093
https://exchange.xforce.ibmcloud.com/vulnerabilities/25470
https://exchange.xforce.ibmcloud.com/vulnerabilities/30309