Exploitation Summary
EIP tracks 2 public exploits for CVE-2006-1407. PoCs published by r0t.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Helm, where user-supplied input is not properly sanitized. The example demonstrates how an attacker could inject arbitrary script code via the 'txtDomainName' parameter.
Description
Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) txtDomainName parameter to domains.asp or (2) SearchText or (3) UserLevel parameters to default.asp.
Exploits (2)
The provided text describes a cross-site scripting (XSS) vulnerability in Helm, where user-supplied input is not properly sanitized. The example demonstrates how an attacker could inject arbitrary script code via the 'txtDomainName' parameter.
The provided text describes a cross-site scripting (XSS) vulnerability in Helm, detailing how unsanitized user input in specific URL parameters can lead to arbitrary script execution in a user's browser context.