Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hosting controller hosting controller vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-1784
Hosting Controller 6.1 HotFix 2.0 and previous versions allows remote malicious users to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.
Hosting Controller Hosting Controller
1 EDB exploit
7.5
CVSSv2
CVE-2007-6497
Hosting Controller 6.1 Hot fix 3.3 and previous versions (1) allows remote malicious users to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters; and (2) allows remote authenticated users to change a credit amount ...
Hosting Controller Hosting Controller
1 EDB exploit
5.5
CVSSv2
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using ...
Hosting Controller Hosting Controller
1 EDB exploit
5.5
CVSSv2
CVE-2007-6504
Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote authenticated users to change the headers of arbitrary hosts via an unspecified parameter.
Hosting Controller Hosting Controller
1 EDB exploit
5.5
CVSSv2
CVE-2007-6503
Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and previous versions allow remote authenticated users to (1) import an arbitrary plan via a request to hosting/importhostingplans.asp; or (2) change an arbitrary plan via a request to hosting/AutoSignUpPl...
Hosting Controller Hosting Controller
1 EDB exploit
7.5
CVSSv2
CVE-2007-6498
Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) email and (2) loginname parameters to Hosting/Addreseller.asp, (3) the sortfield parameter to accounts...
Hosting Controller Hosting Controller 6.1 Hotfix 3.3
1 EDB exploit
4.6
CVSSv2
CVE-2005-2219
Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.
Hosting Controller Hosting Controller 6.1 Hotfix 2.1
1 EDB exploit
7.5
CVSSv2
CVE-2002-0776
getuserdesc.asp in Hosting Controller 2002 allows remote malicious users to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.
Hosting Controller Hosting Controller 2002
5
CVSSv2
CVE-2005-3038
Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote malicious users to list and read contents of arbitrary drives, related to "the PHP vulnerability."
Hosting Controller Hosting Controller 6.1 Hotfix 2.3
7.5
CVSSv2
CVE-2005-1788
SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote malicious users to execute arbitrary SQL commands via the jresourceid parameter.
Hosting Controller Hosting Controller 6.1 Hotfix 2.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »