CVE-2007-5251

Helm Web Hosting Control Panel 3.2.16 - Cross-Site Scripting via showOption Parameter or FileManager Path Parameters

Title source: llm
STIX 2.1

Description

Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36962
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25940
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27080

Scores

EPSS 0.0052
EPSS Percentile 40.6%

Details

CWE
CWE-352
Status published
Products (1)
webhost_automation/helm_web_hosting_control_panel 3.2.16
Published Oct 06, 2007
Tracked Since Feb 18, 2026