CVE-2007-5251

Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.

Published: Oct 6, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5251
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
webhost_automation / helm_web_hosting_control_panel	3.2.16	3.2.16.x

http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html
http://secunia.com/advisories/27080
http://www.securityfocus.com/bid/25940
https://exchange.xforce.ibmcloud.com/vulnerabilities/36962

Vulnerability Database

CVE-2007-5251