ID CVE-2007-5251Type cveReporter NVDModified 2017-07-28T21:33:31
Description
Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.
{"id": "CVE-2007-5251", "bulletinFamily": "NVD", "title": "CVE-2007-5251", "description": "Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.", "published": "2007-10-06T13:17:00", "modified": "2017-07-28T21:33:31", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5251", "reporter": "NVD", "references": ["http://www.securityfocus.com/bid/25940", "http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36962"], "cvelist": ["CVE-2007-5251"], "type": "cve", "lastseen": "2017-07-29T11:22:17", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:webhost_automation:helm_web_hosting_control_panel:3.2.16"], "cvelist": ["CVE-2007-5251"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.", "edition": 1, "enchantments": {}, "hash": "67ded8a88a64827d0a299ce3bf665c202006731f22a28c1d3e1154965390d221", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "ecffc987a9bbf7ffb98811b18a5d2f54", "key": "title"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "72a24ccdf246acc57048735e85f3adea", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "dae410f4067094eac99af428549ef021", "key": "references"}, {"hash": "927c6dbbe3b772020cd9bb71a4008bff", "key": "description"}, {"hash": "460c69d1abed2a15b4fcd07415583b0a", "key": "cpe"}, {"hash": "3dbee0951300dbf91dea0315db7f7ec1", "key": "cvelist"}, {"hash": "02a4af414c60dd227f9a79561c1dd6e1", "key": "href"}, {"hash": "a9252592b1ca511dca8207172b7e1e5b", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5251", "id": "CVE-2007-5251", "lastseen": "2016-09-03T09:35:28", "modified": "2008-09-05T17:30:16", "objectVersion": "1.2", "published": "2007-10-06T13:17:00", "references": ["http://www.securityfocus.com/bid/25940", "http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html", "http://xforce.iss.net/xforce/xfdb/36962"], "reporter": "NVD", "scanner": [], "title": "CVE-2007-5251", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T09:35:28"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "460c69d1abed2a15b4fcd07415583b0a"}, {"key": "cvelist", "hash": "3dbee0951300dbf91dea0315db7f7ec1"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "927c6dbbe3b772020cd9bb71a4008bff"}, {"key": "href", "hash": "02a4af414c60dd227f9a79561c1dd6e1"}, {"key": "modified", "hash": "508b4ad02ddf3a3d38c556b18030c65a"}, {"key": "published", "hash": "72a24ccdf246acc57048735e85f3adea"}, {"key": "references", "hash": "0367909ec115f0074e9f132c278c16d0"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "ecffc987a9bbf7ffb98811b18a5d2f54"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "8ba1d4a8673c8dcfcc6de20161fdb7fffeef2d1c723ac0aa5174fe6a56e7be0b", "viewCount": 0, "enchantments": {"score": {"value": 4.3, "vector": "NONE", "modified": "2017-07-29T11:22:17"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:webhost_automation:helm_web_hosting_control_panel:3.2.16"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"osvdb": [{"lastseen": "2017-04-28T13:20:33", "references": [], "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.webhostautomation.com\n[Secunia Advisory ID:27080](https://secuniaresearch.flexerasoftware.com/advisories/27080/)\n[Related OSVDB ID: 37461](https://vulners.com/osvdb/OSVDB:37461)\nOther Advisory URL: http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html\nISS X-Force ID: 36962\n[CVE-2007-5251](https://vulners.com/cve/CVE-2007-5251)\nBugtraq ID: 25940\n", "edition": 1, "reporter": "OSVDB", "published": "2007-10-04T00:00:00", "title": "Helm Web Hosting Control Panel interfaces/standard/FileManager.asp Multiple Variable XSS", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-5251"], "modified": "2007-10-04T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:37462", "id": "OSVDB:37462", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:33", "references": [], "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.webhostautomation.com\n[Secunia Advisory ID:27080](https://secuniaresearch.flexerasoftware.com/advisories/27080/)\n[Related OSVDB ID: 37462](https://vulners.com/osvdb/OSVDB:37462)\nOther Advisory URL: http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html\nISS X-Force ID: 36962\n[CVE-2007-5251](https://vulners.com/cve/CVE-2007-5251)\nBugtraq ID: 25940\n", "edition": 1, "reporter": "OSVDB", "published": "2007-10-04T00:00:00", "title": "Helm Web Hosting Control Panel interfaces/standard/domain.asp showOption Variable XSS", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-5251"], "modified": "2007-10-04T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:37461", "id": "OSVDB:37461", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
