Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
controller vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-6713
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between ...
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.1.0
NA
CVE-2006-1621
Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC 1 allows remote authenticated users to overwrite arbitrary files via an absolute path in the OpenPath parameter.
Hosting Controller Hosting Controller 2002 Rc 1
NA
CVE-2006-0581
SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.
Hosting Controller Hosting Controller 6.1 Hotfix 2.8
NA
CVE-2005-2219
Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.
Hosting Controller Hosting Controller 6.1 Hotfix 2.1
1 EDB exploit
NA
CVE-2006-1229
SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote malicious users to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informa...
Hosting Controller Hosting Controller 6.1 Hotfix 2.9
NA
CVE-2006-6814
Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.
Hosting Controller Hosting Controller 7c
1 EDB exploit
NA
CVE-2005-3038
Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote malicious users to list and read contents of arbitrary drives, related to "the PHP vulnerability."
Hosting Controller Hosting Controller 6.1 Hotfix 2.3
NA
CVE-2005-1788
SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote malicious users to execute arbitrary SQL commands via the jresourceid parameter.
Hosting Controller Hosting Controller 6.1 Hotfix 2.0
2 EDB exploits
NA
CVE-2002-0776
getuserdesc.asp in Hosting Controller 2002 allows remote malicious users to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.
Hosting Controller Hosting Controller 2002
NA
CVE-2007-6494
Hosting Controller 6.1 Hot fix 3.3 and previous versions allows remote malicious users to obtain login access via a request to hosting/addreseller.asp with a username in the reseller parameter, followed by a request to AdminSettings/displays.asp with the DecideAction and ChangeSk...
Hosting Controller Hosting Controller 6.1 Hotfix 3.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »