Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting

Parallels H-Sphere 3.0.0 P9 and 3.1 P1 contains multiple cross-site scripting vulnerabilities in login.php in webshell4. An attacker can inject arbitrary web script or HTML via the err, errorcode, and login parameters, thus allowing theft of cookie-based authentication credentials and launch of...

VulnCheck KEV: CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

EUVD-2012-4928

Malware in sbrugna...

EUVD-2005-1609

Malware in sbrugna...

EUVD-2008-6435

Malware in sbrugna...

EUVD-2003-1238

Malware in sbrugna...

EUVD-2006-3275

Malware in sbrugna...

EUVD-2007-2626

Malware in sbrugna...

EUVD-2022-52601

Malicious code in bioql PyPI...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

Parallels H-Sphere Cross-Site Scripting Vulnerability

Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

Design/Logic Flaw

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

CVE-2022-30777

The CVE-2022-30777 issue affects Parallels H-Sphere 3.6.1713, where a Cross-Site Scripting (XSS) flaw exists in the index_en.php via the 'from' parameter. Exploitation could allow arbitrary script execution in the victim’s browser, potentially leading to session hijacking, defacement, or theft of...

Parallels H-Sphere 跨站脚本漏洞

Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...

H-Sphere Webshell 2.4 - Local Root Exploit

No description provided by source. source: http://www.securityfocus.com/bid/6527/info A vulnerability has been discovered in H-Sphere Webshell. During the pre-authentication phase Webshell fails to perform sufficient bounds checking on user-supplied HTTP parameters. As a result, a malicious...

Parallels H-Sphere 3.0/3.1 'login.php' Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31256/info H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...