vendor:
Helm Control Panel
by:
7.5
CVSS
HIGH
SQL Injection, HTML Injection
89
CWE
Product Name: Helm Control Panel
Affected Version From: 3.1.19
Affected Version To: 3.1.19
Patch Exists: NO
Related CWE:
CPE: a:helm_control_panel:helm_control_panel:3.1.19
Platforms Tested:
Helm Control Panel Multiple Vulnerabilities
Helm Control Panel is prone to multiple vulnerabilities including an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL queries to reveal or corrupt sensitive database data is possible as well.
Mitigation:
Apply the latest security patches or updates provided by the vendor. Avoid inserting untrusted data into SQL queries or HTML templates.