Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
Max CVSS
6.1
EPSS Score
0.09%
Published
2022-05-16
Updated
2022-05-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html.
Max CVSS
6.8
EPSS Score
0.56%
Published
2012-09-19
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters.
Max CVSS
4.3
EPSS Score
0.42%
Published
2009-03-13
Updated
2017-08-17
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!