Vulnerabilities > CVE-2006-2174 - Unspecified vulnerability in Virtual Hosting Control System Virtual Hosting Control System 2.4.7.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN virtual-hosting-control-system
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in admin/server_day_stats.php in Virtual Hosting Control System (VHCS) allow remote attackers to inject arbitrary web script or HTML via the (1) day, (2) month, or (3) year parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Virtual Hosting Control System 2.4.7 .1 Server_day_stats.PHP Multiple Cross-Site Scripting Vulnerabilities. CVE-2006-2174. Webapps exploit for php platform |
| id | EDB-ID:27799 |
| last seen | 2016-02-03 |
| modified | 2006-05-02 |
| published | 2006-05-02 |
| reporter | O.U.T.L.A.W |
| source | https://www.exploit-db.com/download/27799/ |
| title | Virtual Hosting Control System 2.4.7.1 Server_day_stats.PHP Multiple Cross-Site Scripting Vulnerabilities |
References
- http://www.securityfocus.com/archive/1/432711
- http://www.aria-security.net/hm/vhcs.txt
- http://www.securityfocus.com/bid/17790
- http://secunia.com/advisories/19940
- http://securityreason.com/securityalert/832
- http://www.vupen.com/english/advisories/2006/1634
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26209