Helm Control Panel < 3.1.20 Multiple Input Validation Vulnerabilities
High Nessus Network Monitor Plugin ID 2390
SynopsisThe remote web server contains a script that is vulnerable to a SQL injection attack.
DescriptionThe remote host is using Helm Control Panel, a web based mangement system.
There are multiple flaws in the remote version of this software that may allow an attacker to perform a SQL injection or a cross-site scripting attack against the remote host.
To exploit these flaws, an attacker would need a valid login and password to log into the service.
SolutionUpgrade to Helm 3.1.20 or higher.