WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities

Author: Behrang Fouladi
type: webapps
platform: asp
port: 
date_added: 2004-11-02  
date_updated: 2013-03-11  
verified: 1  
codes: CVE-2004-1499;OSVDB-11385  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 24717.txt  

source: https://www.securityfocus.com/bid/11586/info

Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL queries to reveal or corrupt sensitive database data is possible as well.

Helm Control Panel versions 3.1.19 and prior are reported vulnerable to these issues.

xxxx',10,0); insert into account(accountnumber,accounttype,accountpassword) values('root',0,'');--