Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hosting controller hosting controller 6.1 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2007-6495
inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote authenticated users to change the permissions of directories named (1) db, (2) www, (3) Special, and (4) log at arbitrary locations under the web root via a modified Dirroot parameter in an ...
Hosting Controller Hosting Controller 6.1 Hotfix 3.3
1 EDB exploit
6.8
CVSSv2
CVE-2007-6496
Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote malicious users to register arbitrary users via a request to hosting/addsubsite.asp with the loginname and password parameters set, when preceded by certain requests to hosting/default.asp and hosting/selectdo...
Hosting Controller Hosting Controller 6.1 Hotfix 3.3
1 EDB exploit
7.5
CVSSv2
CVE-2007-6498
Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) email and (2) loginname parameters to Hosting/Addreseller.asp, (3) the sortfield parameter to accounts...
Hosting Controller Hosting Controller 6.1 Hotfix 3.3
1 EDB exploit
7.5
CVSSv2
CVE-2005-1654
Hosting Controller 6.1 Hotfix 1.9 and previous versions allows remote malicious users to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.
Hostingcontroller Hosting Controller
Hostingcontroller Hosting Controller 6.1
2 EDB exploits
7.5
CVSSv2
CVE-2006-1229
SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote malicious users to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informa...
Hosting Controller Hosting Controller 6.1 Hotfix 2.9
5
CVSSv2
CVE-2005-3038
Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote malicious users to list and read contents of arbitrary drives, related to "the PHP vulnerability."
Hosting Controller Hosting Controller 6.1 Hotfix 2.3
6.5
CVSSv2
CVE-2006-0581
SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.
Hosting Controller Hosting Controller 6.1 Hotfix 2.8
4.6
CVSSv2
CVE-2005-2219
Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.
Hosting Controller Hosting Controller 6.1 Hotfix 2.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-6497
Hosting Controller 6.1 Hot fix 3.3 and previous versions (1) allows remote malicious users to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters; and (2) allows remote authenticated users to change a credit amount ...
Hosting Controller Hosting Controller
1 EDB exploit
5.5
CVSSv2
CVE-2007-6499
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id (IIS) value."
Hosting Controller Hosting Controller
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »