Vulnerabilities > CVE-2004-1499 - Input Validation vulnerability in WebHost Automation Helm Control Panel

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
webhost-automation
exploit available
NVD
Published: 2004-12-31
Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field.

Vulnerable Configurations

Part Description Count
Application
Webhost_Automation
10

Exploit-Db

descriptionWebHost Automation Helm Control Panel 3.1.x Multiple Input Validation Vulnerabilities. CVE-2004-1499. Webapps exploit for asp platform
idEDB-ID:24717
last seen2016-02-02
modified2004-11-02
published2004-11-02
reporterBehrang Fouladi
sourcehttps://www.exploit-db.com/download/24717/
titleWebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities

References