Unrated severityNVD Advisory· Published Oct 6, 2007· Updated Apr 23, 2026

CVE-2007-5251

Description

Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.

Affected products

Webhost Automation/Helm Web Hosting Control Panel
cpe:2.3:a:webhost_automation:helm_web_hosting_control_panel:3.2.16:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

pridels-team.blogspot.com/2007/10/helm-xss-vuln.htmlnvd
secunia.com/advisories/27080nvd
www.securityfocus.com/bid/25940nvd
exchange.xforce.ibmcloud.com/vulnerabilities/36962nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000