Vulnerabilities > Hosting Controller > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-12-20 | CVE-2007-6494 | Improper Input Validation vulnerability in Hosting Controller Hosting Controller 6.1Hotfix3.3 Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to obtain login access via a request to hosting/addreseller.asp with a username in the reseller parameter, followed by a request to AdminSettings/displays.asp with the DecideAction and ChangeSkin parameters. | 10.0 |
| 2002-08-12 | CVE-2002-0774 | Unspecified vulnerability in Hosting Controller Hosting Controller Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed. | 10.0 |
| 2002-08-12 | CVE-2002-0773 | Unspecified vulnerability in Hosting Controller Hosting Controller imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath. | 10.0 |
| 2002-08-12 | CVE-2002-0465 | Unspecified vulnerability in Hosting Controller Hosting Controller 1.4/1.4.1 Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. | 10.0 |