Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hosting controller hosting controller vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0212
The login for Hosting Controller 1.1 up to and including 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote malicious users to determine the existence of valid usernames and makes it easier to conduct a brute force attack.
Hosting Controller Hosting Controller 1.3
Hosting Controller Hosting Controller 1.4
Hosting Controller Hosting Controller 1.4.1
Hosting Controller Hosting Controller 1.1
Hosting Controller Hosting Controller 1.4b
10
CVSSv2
CVE-2002-0774
Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote malicious users to gain privileges if the password is not changed.
Hosting Controller Hosting Controller 1.1
Hosting Controller Hosting Controller 1.3
Hosting Controller Hosting Controller 1.4.1
Hosting Controller Hosting Controller 1.4
Hosting Controller Hosting Controller 1.4b
5
CVSSv2
CVE-2006-1620
admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 1 allows remote malicious users to modify passwords of other users, probably via an "Update User" ActionType with a modified UserName parameter and the PassCheck parameter set to TRUE. It was later reported...
Hosting Controller Hosting Controller 2002 Rc 1
Hosting Controller Hosting Controller
6.4
CVSSv2
CVE-2002-0464
Directory traversal vulnerability in Hosting Controller 1.4.1 and previous versions allows remote malicious users to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp.
Hosting Controller Hosting Controller 1.4
Hosting Controller Hosting Controller 1.4.1
5
CVSSv2
CVE-2002-0466
Hosting Controller 1.4.1 and previous versions allows remote malicious users to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp.
Hosting Controller Hosting Controller 1.4
Hosting Controller Hosting Controller 1.4.1
5
CVSSv2
CVE-2004-1217
Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote malicious users to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.
Hosting Controller Hosting Controller 6.1 Hotfix 1.4
Hosting Controller Hosting Controller 6.1
1 EDB exploit
10
CVSSv2
CVE-2002-0465
Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and previous versions allows remote malicious users to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter.
Hosting Controller Hosting Controller 1.4.1
Hosting Controller Hosting Controller 1.4
5.5
CVSSv2
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using ...
Hosting Controller Hosting Controller
1 EDB exploit
5.5
CVSSv2
CVE-2007-6499
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id (IIS) value."
Hosting Controller Hosting Controller
1 EDB exploit
7.5
CVSSv2
CVE-2005-1784
Hosting Controller 6.1 HotFix 2.0 and previous versions allows remote malicious users to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.
Hosting Controller Hosting Controller
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »