Vulnerabilities > Dreamcost > Hostadmin

DATE CVE VULNERABILITY TITLE RISK
2009-02-20 CVE-2008-6164 Cross-Site Scripting vulnerability in Dreamcost Hostadmin 3.1.1
Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
network
dreamcost CWE-79
4.3
4.3
2007-02-24 CVE-2006-7056 Remote File Include vulnerability in DreamCost Hostadmin 3.0/3.1
Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) functions.php and (2) members.php.
network
dreamcost
6.8
6.8
2006-02-19 CVE-2006-0791 Remote File Include vulnerability in Dreamcost Hostadmin 3.0
PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.
network
low complexity
dreamcost
7.5
7.5