header-logo
Suggest Exploit
vendor:
Helm Control Panel
by:
7.5
CVSS
HIGH
SQL Injection, HTML Injection
89
CWE
Product Name: Helm Control Panel
Affected Version From: 3.1.19
Affected Version To: 3.1.19
Patch Exists: NO
Related CWE:
CPE: a:helm_control_panel:helm_control_panel:3.1.19
Metasploit:
Other Scripts:
Platforms Tested:

Helm Control Panel Multiple Vulnerabilities

Helm Control Panel is prone to multiple vulnerabilities including an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL queries to reveal or corrupt sensitive database data is possible as well.

Mitigation:

Apply the latest security patches or updates provided by the vendor. Avoid inserting untrusted data into SQL queries or HTML templates.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11586/info

Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL queries to reveal or corrupt sensitive database data is possible as well.

Helm Control Panel versions 3.1.19 and prior are reported vulnerable to these issues.

xxxx',10,0); insert into account(accountnumber,accounttype,accountpassword) values('root',0,'');--