27 matches found
VulnCheck KEV: CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
EUVD-2012-4928
Malware in sbrugna...
EUVD-2008-6435
Malware in sbrugna...
EUVD-2022-52601
Malicious code in bioql PyPI...
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
Parallels H-Sphere Cross-Site Scripting Vulnerability
Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
Design/Logic Flaw
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
CVE-2022-30777
The CVE-2022-30777 issue affects Parallels H-Sphere 3.6.1713, where a Cross-Site Scripting (XSS) flaw exists in the index_en.php via the 'from' parameter. Exploitation could allow arbitrary script execution in the victim’s browser, potentially leading to session hijacking, defacement, or theft of...
Parallels H-Sphere 跨站脚本漏洞
Parallels H-Sphere is a web-hosting automation control panel from Parallels, Inc. It is used for shared web hosting services. Parallels H-Sphere version 3.6.2 contains a cross-site scripting vulnerability that can be exploited by attackers to perform XSS via indexen.php in the parameters...
Parallels H-Sphere 3.0/3.1 'login.php' Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31256/info H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
CVE-2012-5004
Multiple cross-site request forgery CSRF vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that 1 add group plans via admin/groupplans.html or 2 add extra packages via admin/extrapacks/createextrapack.html...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that 1 add group plans via admin/groupplans.html or 2 add extra packages via admin/extrapacks/createextrapack.html...
CVE-2012-5004
Multiple cross-site request forgery CSRF vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that 1 add group plans via admin/groupplans.html or 2 add extra packages via admin/extrapacks/createextrapack.html...
CVE-2012-5004
CVE-2012-5004 involves multiple CSRF vulnerabilities in Parallels H-Sphere 3.3 Patch 1. The affected component is the Parallels H-Sphere web interface, with two verified vulnerable admin actions: adding group plans via admin/group_plans.html and adding extra packages via admin/extra_packs/create_...
Parallels H Sphere 3.3 P1 Cross Site Scripting
Title: ====== Parallels H Sphere v3.3 P1 - Multiple Persistent Vulnerabilities Date: ===== 2012-01-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=392 VL-ID: ===== 392 Introduction: ============= Parallels H-Sphere delivers a multi-server hosting automation solution...
Parallels H Sphere v3.3 P1 - Multiple Web Vulnerabilities
Document Title: =============== Parallels H Sphere v3.3 P1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=392 Release Date: ============= 2012-01-21 Vulnerability Laboratory ID VL-ID: ==================================== 3...