Multiple SQL injection vulnerabilities in Hosting Controller 6.1 before Hotfix 3.3 allow remote malicious users to execute arbitrary SQL commands via the ForumID parameter in (1) DisableForum.asp and (2) enableForum.asp. NOTE: it was later reported that the vulnerability is present in 6.1 Hotfix 3.3 and previous versions.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
hosting controller hosting controller |
||
hosting controller hosting controller 6.1_hotfix_2.4 |
||
hosting controller hosting controller 6.1_hotfix_3.1 |
||
hosting controller hosting controller 6.1_hotfix_2.2 |
||
hosting controller hosting controller 6.1_hotfix_2.3 |
||
hosting controller hosting controller 1.1 |
||
hosting controller hosting controller 1.3 |
||
hosting controller hosting controller 6.1_hotfix_1.7 |
||
hosting controller hosting controller 6.1_hotfix_1.9 |
||
hosting controller hosting controller 6.1 |
||
hosting controller hosting controller 6.1_hotfix_1.4 |
||
hosting controller hosting controller 1.4 |
||
hosting controller hosting controller 1.4.1 |
||
hosting controller hosting controller 1.4b |
||
hosting controller hosting controller 6.1_hotfix_2.0 |
||
hosting controller hosting controller 6.1_hotfix_2.1 |
||
hosting controller hosting controller 2002 |
||
hosting controller hosting controller 2002_rc_1 |
Vulmon