VYPR
Unrated severityNVD Advisory· Published Feb 27, 2014· Updated Jun 17, 2026

CVE-2014-2035

CVE-2014-2035

Description

Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject arbitrary web script or HTML via the i parameter.

Affected products

6
  • cpe:2.3:a:interworx:web_control_panel:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:interworx:web_control_panel:*:*:*:*:*:*:*:*range: <=5.0.13
    • cpe:2.3:a:interworx:web_control_panel:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:interworx:web_control_panel:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:interworx:web_control_panel:5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:interworx:web_control_panel:5.0.12:*:*:*:*:*:*:*
    • (no CPE)range: <5.0.13 build 574

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.