Vulnerability Details CVE-2006-0193
Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive Software H-Sphere 2.4.3 Patch 8 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter in a login action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/18447
- http://www.osvdb.org/22372
- http://www.psoft.net/HSdocumentation/versions/?v=all&p=r
- http://www.psoft.net/HSdocumentation/versions/index.php?v=243p9&p=r
- http://www.securityfocus.com/archive/1/421704/100/0/threaded
- http://www.vupen.com/english/advisories/2006/0172
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24096
- http://secunia.com/advisories/18447
- http://www.osvdb.org/22372
- http://www.psoft.net/HSdocumentation/versions/?v=all&p=r
- http://www.psoft.net/HSdocumentation/versions/index.php?v=243p9&p=r
- http://www.securityfocus.com/archive/1/421704/100/0/threaded
- http://www.vupen.com/english/advisories/2006/0172
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24096
Products affected by CVE-2006-0193
-
cpe:2.3:a:positive_software:h-sphere:2.4.1
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_1
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_2
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_3
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_4
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_5
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_6
-
cpe:2.3:a:positive_software:h-sphere:2.4.1_patch_7
-
cpe:2.3:a:positive_software:h-sphere:2.4.2
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_beta_1
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_beta_2
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_beta_3
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_patch_1
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_patch_2
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_patch_3
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_patch_4
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_patch_5
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_rc1
-
cpe:2.3:a:positive_software:h-sphere:2.4.2_rc2
-
cpe:2.3:a:positive_software:h-sphere:2.4.3
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_beta_1
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_beta_2
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_1
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_2
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_3
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_4
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_5
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_6
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_7
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_patch_8
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_rc1
-
cpe:2.3:a:positive_software:h-sphere:2.4.3_rc2