Vulnerabilities > CVE-2006-0684 - Unspecified vulnerability in Virtual Hosting Control System Virtual Hosting Control System

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
virtual-hosting-control-system
exploit available
NVD
Published: 2006-02-15
Updated: 2018-10-19

Summary

change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not verify the old password when a user changes the password, which may allow remote attackers to gain unauthorized access.

Vulnerable Configurations

Part Description Count
Application
Virtual_Hosting_Control_System
1

Exploit-Db

descriptionVirtual Hosting Control System 2.2/2.4 change_password.php Current Password Weakness. CVE-2006-0684. Webapps exploit for php platform
idEDB-ID:27204
last seen2016-02-03
modified2006-02-13
published2006-02-13
reporterRoman Medina-Heigl Hernandez
sourcehttps://www.exploit-db.com/download/27204/
titleVirtual Hosting Control System 2.2/2.4 change_password.php Current Password Weakness

References