Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hosting controller hosting controller 6.1_hotfix_2.1 |