Parallels: >> H-Sphere Security Vulnerabilities
Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
CVSS Score
6.1
EPSS Score
0.032
Published
2022-05-16
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html.
CVSS Score
6.8
EPSS Score
0.002
Published
2012-09-19
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters.
CVSS Score
4.3
EPSS Score
0.009
Published
2009-03-13