HelmXSS.txt

2006-01-15T00:00:00
ID PACKETSTORM:43072
Type packetstorm
Reporter M.Neset KABAKLI
Modified 2006-01-15T00:00:00

Description

                                        
                                            `I.Vulnerability  
Helm Hosting Control Panel Cross Site Scripting Vulnerability  
  
  
II.Vendor  
Web Host Automation Ltd. (www.webhostautomation.com)  
  
  
III.Affected Systems  
* Helm v3.2.8 (and probably previous versions).  
  
  
IV.About  
Helm is a multi-server management and hosting control system for Windows  
2000 and 2003 based web hosts.   
  
  
V.Description  
Helm does not filter txtEmailAddress variable in forgotPassword.asp page.  
It's possible to inject malicious HTML and JavaScript codes to  
forgotPassword.asp page by modifying this variable. An example link provided  
below.  
  
  
VI.Exploit  
http://helm.example.com/forgotPassword.asp?txtEmailAddress=[XSS]  
  
  
VII.Vulnerability Status  
* Vulnerability discovered on 2006-01-10.  
* Vendor notified on 2006-01-10.  
  
  
VIII.Workarounds  
* Print txtEmailAddress variable using Server.HTMLEncode().  
  
  
IX.Credits  
M.Neset KABAKLI  
Wakiza Software Technologies   
neset{at}wakiza{dot}com  
www.wakiza.com  
  
`