Описание
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to register arbitrary users via a request to hosting/addsubsite.asp with the loginname and password parameters set, when preceded by certain requests to hosting/default.asp and hosting/selectdomain.asp, a related issue to CVE-2005-1654.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_3.3:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01565
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to register arbitrary users via a request to hosting/addsubsite.asp with the loginname and password parameters set, when preceded by certain requests to hosting/default.asp and hosting/selectdomain.asp, a related issue to CVE-2005-1654.
EPSS
Процентиль: 81%
0.01565
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264