Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting

Parallels H-Sphere 3.0.0 P9 and 3.1 P1 contains multiple cross-site scripting vulnerabilities in login.php in webshell4. An attacker can inject arbitrary web script or HTML via the err, errorcode, and login parameters, thus allowing theft of cookie-based authentication credentials and launch of...

VulnCheck KEV: CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

EUVD-2006-3275

Malware in sbrugna...

EUVD-2012-4928

Malware in sbrugna...

EUVD-2003-1238

Malware in sbrugna...

EUVD-2007-2626

Malware in sbrugna...

EUVD-2005-1609

Malware in sbrugna...

EUVD-2008-6435

Malware in sbrugna...

EUVD-2022-52601

Malicious code in bioql PyPI...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

Parallels H-Sphere Cross-Site Scripting Vulnerability

Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

Design/Logic Flaw

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

CVE-2022-30777 affects Parallels H-Sphere 3.6.1713 and is a Cross-Site Scripting (XSS) vulnerability exposed via the index_en.php parameter 'from'. The exploit could allow an attacker to execute arbitrary script in the victim’s browser, potentially enabling session hijacking, defacement, or theft...

Parallels H-Sphere 跨站脚本漏洞

Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...

H-Sphere 2.x HTML Template Inclusion Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7855/info H-Sphere is prone to multiple cross-site scripting vulnerabilities via the HTML template feature in the Hosting Control Panel. HTML and script code will not be filtered from pages which are generated when a...

H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18677/info H-Sphere is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...