SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Helm_control_panel | Webhost_automation | 3.1.10 (including) | 3.1.10 (including) |
Helm_control_panel | Webhost_automation | 3.1.11 (including) | 3.1.11 (including) |
Helm_control_panel | Webhost_automation | 3.1.12 (including) | 3.1.12 (including) |
Helm_control_panel | Webhost_automation | 3.1.13 (including) | 3.1.13 (including) |
Helm_control_panel | Webhost_automation | 3.1.14 (including) | 3.1.14 (including) |
Helm_control_panel | Webhost_automation | 3.1.15 (including) | 3.1.15 (including) |
Helm_control_panel | Webhost_automation | 3.1.16 (including) | 3.1.16 (including) |
Helm_control_panel | Webhost_automation | 3.1.17 (including) | 3.1.17 (including) |
Helm_control_panel | Webhost_automation | 3.1.18 (including) | 3.1.18 (including) |
Helm_control_panel | Webhost_automation | 3.1.19 (including) | 3.1.19 (including) |