Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2004-1498
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.
0
Attacker Value
Unknown
CVE-2004-1499
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field.
0
