icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Helm Control Panel < 3.1.20 Multiple Input Validation Vulnerabilities

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is using Helm Control Panel, a web based mangement system. There are multiple flaws in the remote version of this software that may allow an attacker to perform a SQL injection or a cross-site scripting attack against the remote host. To exploit these flaws, an attacker would need a valid login and password to log into the service.

Solution

Upgrade to Helm 3.1.20 or higher.