Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

Hosting Controller < 6.1 Hotfix 2.1 Multiple Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for multiple vulnerabilities in Hosting Controller < 6.1 hotfix 2.1

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains an ASP application with multiple flaws.

Description :

According to its version number, the version of Hosting Controller on
the remote host suffers from multiple vulnerabilities:

- An authenticated user can modify another user's profile,
even an admin's, recover his/her password, and then gain
access to the affected application as that user.

- An authenticated user can view, edit, and even delete
reseller add-on plans.

- The scripts 'sendpassword.asp' and 'error.asp' are prone
to cross-site scripting attacks.

See also :

Solution :

Upgrade to version 6.1 if necessary and apply Hotfix 2.1.

Threat Level:

Low / CVSS Base Score : 3

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.