H-sphere Security Vulnerabilities and Issues — H-sphere CVE List

Lucene search

Positive SoftwareH-sphere

3 matches found

CVE•added 2008/10/06 7:56 p.m.•37 views

CVE-2008-4447

Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via (1) the fn parameter during a dload action, (2) the mask parameter during a search action, and (3) the tab parameter during a sysi...

4.3CVSS5.7AI score0.01152EPSS

CVE•added 2008/10/06 7:56 p.m.•33 views

CVE-2008-4448

Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the (1) overkill, (2) futils, or (3) edit actions.

6.8CVSS6.9AI score0.00179EPSS

CVE•added 2008/02/27 7:44 p.m.•32 views

CVE-2008-1049

Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors.

10CVSS6.5AI score0.00416EPSS