Lucene search
K
InterworxWeb Control Panel

4 matches found

CVE
CVE
added 2014/10/21 4:0 p.m.68 views

CVE-2014-2531

InterWorx Web Control Panel (InterWorx-CP) before 5.0.14 build 577 is vulnerable to SQL injection in xhr.php via the i parameter in the search action for NodeWorx, SiteWorx, and Resellers interfaces. Root cause is that the application constructs dynamic SQL by concatenating user input without pro...

6.5CVSS8AI score0.01123EPSS
Web
CVE
CVE
added 2014/02/27 3:0 p.m.55 views

CVE-2014-2035

InterWorx Web Control Panel (Product: InterWorx Web Control Panel / Vendor: InterWorx LLC) is affected by a Cross-Site Scripting (XSS) vulnerability in xhr.php that allows an attacker to inject arbitrary script via the i parameter. The issue is documented as CVE-2014-2035 with a confirmed fix in ...

4.3CVSS5.7AI score0.01158EPSS
Web
CVE
CVE
added 2007/08/29 1:0 a.m.45 views

CVE-2007-4588

CVE-2007-4588 : Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 allow remote attackers to inject arbitrary web script or HTML via PATH_INFO to index.php, and allow remote authenticated users to inject script...

4.3CVSS5.5AI score0.02475EPSS
CVE
CVE
added 2007/08/29 1:0 a.m.45 views

CVE-2007-4589

CVE-2007-4589 describes multiple XSS vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Webmaster Level (SiteWorx) 3.0.2. The issue allows injection of arbitrary script/HTML by manipulating PATH_INFO to index.php and to a set of scripts (siteworx.php, users.php, ftp.php, mysql.php,...

4.3CVSS5.5AI score0.01707EPSS