Family: CGI abuses --> Category: infos
Hosting Controller <= 6.1 Hotfix 2.2 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in Hosting Controller <= 6.1 Hotfix 2.2
Detailed Explanation for this Vulnerability Test
The remote web server contains an ASP application that is affected by
According to its version number, the installation of Hosting
Controller on the remote host improperly allows an authenticated user
to add hosting plans to his account, to edit the details of his own or
anyone else's hosting plans, to view the folders of all resellers and
the web admin, to add domains with unlimited quotas, and to influence
SQL queries via the 'hostcustid' parameter of the 'plandetails.asp'
See also :
Apply Hotfix 2.3 or later for version 6.1.
Low / CVSS Base Score : 3
Click HERE for more information and discussions on this network vulnerability scan.