Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
h-sphere vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
Parallels H-sphere 3.6.2
NA
CVE-2012-5004
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote malicious users to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create...
Parallels H-sphere 3.3
NA
CVE-2008-6465
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote malicious users to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters.
Parallels H-sphere 3.0.0
Parallels H-sphere 3.1
NA
CVE-2008-4447
Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote malicious users to inject arbitrary web script or HTML via (1) the fn parameter during a dload action, (2) the mask parameter during a search action, and (3) the ta...
Positive Software H-sphere 4.3.10
1 EDB exploit
NA
CVE-2008-4448
Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote malicious users to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the (1) overkill, (2) fut...
Positive Software H-sphere 4.3.10
NA
CVE-2008-1049
Unspecified vulnerability in Parallels SiteStudio prior to 1.7.2, and 1.8.x prior to 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors.
Positive Software Sitestudio 1.8
Positive Software H-sphere
Positive Software Sitestudio 1.7.1
NA
CVE-2007-2633
Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote malicious users to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter.
Positive Software Sitestudio 1.6
NA
CVE-2006-6382
The control panel for Positive Software H-Sphere prior to 2.5.0 RC3 creates log files in a user's directory with insecure permissions, which allows local users to append log data to arbitrary files via a symlink attack. NOTE: The provenance of this information is unknown; th...
Positive Software H-sphere 2.4.3
NA
CVE-2006-3278
Cross-site scripting (XSS) vulnerability in H-Sphere 2.5.1 Beta 1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) next_template, (2) start, (3) curr_menu_id, and (4) arid parameters in psoft/servlet/resadmin/psoft.hsphere.CP ...
Positive Software H-sphere 2.5
Positive Software H-sphere 2.5 Patch 1
Positive Software H-sphere
Positive Software H-sphere 2.5 Patch 2
Positive Software H-sphere 2.5 Rc 3
NA
CVE-2006-0193
Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive Software H-Sphere 2.4.3 Patch 8 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the login parameter in a login action.
Positive Software H-sphere 2.4.1 Patch 1
Positive Software H-sphere 2.4.1 Patch 2
Positive Software H-sphere 2.4.1 Patch 3
Positive Software H-sphere 2.4.2 Beta 2
Positive Software H-sphere 2.4.1
Positive Software H-sphere 2.4.2
Positive Software H-sphere 2.4.2 Beta 1
Positive Software H-sphere 2.4.2 Patch 5
Positive Software H-sphere 2.4.2 Rc1
Positive Software H-sphere 2.4.3 Patch 3
Positive Software H-sphere 2.4.3 Patch 4
Positive Software H-sphere 2.4.3 Patch 5
Positive Software H-sphere 2.4.1 Patch 6
Positive Software H-sphere 2.4.1 Patch 7
Positive Software H-sphere 2.4.2 Patch 3
Positive Software H-sphere 2.4.2 Patch 4
Positive Software H-sphere 2.4.3 Patch 1
Positive Software H-sphere 2.4.3 Patch 2
Positive Software H-sphere 2.4.3 Rc2
Positive Software H-sphere 2.4.2 Beta 3
Positive Software H-sphere 2.4.2 Rc2
Positive Software H-sphere 2.4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »