header-logo
Suggest Exploit
vendor:
Hosting Controller
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Hosting Controller
Affected Version From: 7C
Affected Version To: 7C
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Hosting Controller Directory Traversal Vulnerability

Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver process. This may aid in further attacks.

Mitigation:

Input validation should be used to prevent directory traversal attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/21786/info

Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. 

An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver process. This may aid in further attacks.

This issue affects version 7C; earlier versions may also be vulnerable.

http://www.example.com/FolderManager/FolderManager.aspx?BrowseLevel=1&BrowsePath=[SITE NORMAL PATH]\..\..\..\..\program%20files

Navigation

Suggest Exploit

Services By CQR