CVE Vulnerabilities

CVE-2004-1498

Published: Dec 31, 2004 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

Affected Software

Name Vendor Start Version End Version
Helm_control_panel Webhost_automation 3.1.10 3.1.10
Helm_control_panel Webhost_automation 3.1.11 3.1.11
Helm_control_panel Webhost_automation 3.1.12 3.1.12
Helm_control_panel Webhost_automation 3.1.13 3.1.13
Helm_control_panel Webhost_automation 3.1.14 3.1.14
Helm_control_panel Webhost_automation 3.1.15 3.1.15
Helm_control_panel Webhost_automation 3.1.16 3.1.16
Helm_control_panel Webhost_automation 3.1.17 3.1.17
Helm_control_panel Webhost_automation 3.1.18 3.1.18
Helm_control_panel Webhost_automation 3.1.19 3.1.19

References