Lucene search
K

5 matches found

NVD
NVD
added 2008/10/06 7:56 p.m.22 views

CVE-2008-4447

Cross-site scripting XSS vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via 1 the fn parameter during a dload action, 2 the mask parameter during a search action, and 3 the tab parameter during a sysinfo...

4.3CVSS5.7AI score0.01445EPSS
Exploits1References4
Prion
Prion
added 2008/10/06 7:56 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the 1 overkill, 2 futils, or 3 edit actions...

6.8CVSS7.4AI score0.00707EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2008/10/06 7:56 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via 1 the fn parameter during a dload action, 2 the mask parameter during a search action, and 3 the tab parameter during a sysinfo...

4.3CVSS6.2AI score0.01445EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/10/06 7:0 p.m.24 views

CVE-2008-4448

Cross-site request forgery CSRF vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the 1 overkill, 2 futils, or 3 edit actions...

6.9AI score0.00707EPSS
Exploits1References3
CVE
CVE
added 2006/01/13 11:0 a.m.45 views

CVE-2006-0193

CVE-2006-0193 is an XSS vulnerability in the Hosting Control Panel (psoft.hsphere.CP) of Positive Software H-Sphere, affecting version 2.4.3 Patch 8 and earlier. The issue arises from a flaw in the login action where the login parameter can be exploited to inject arbitrary web script/HTML. The NV...

4.3CVSS5.7AI score0.01338EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder