5 matches found
EUVD-2008-6435
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the 1 err, 2 errorcode, and 3 login parameters...
CVE-2008-6465
Multiple cross-site scripting XSS vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the 1 err, 2 errorcode, and 3 login parameters...
CVE-2008-6465
CVE-2008-6465 affects Parallels H-Sphere 3.0.0 P9 and 3.1 P1. The NUCLEI template documents multiple cross-site scripting (XSS) flaws in login.php within webshell4, allowing an attacker to inject arbitrary script/HTML via the parameters (err, errorcode, login). Potential impact includes theft of ...
Parallels H-Sphere 3.0/3.1 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/31256/info H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...