Lucene search
HistoryOct 03, 2022 - 4:22 p.m.
CVE-2005-1784
cve-2005-1784
hosting controller
hotfix
remote attackers
passwords
privileges
userprofile.asp
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.5%
Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.
Affected configurations
Node
hosting_controllerhosting_controllerRange≤6.1_hotfix_2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| hosting_controller:hosting_controller | hosting controller | le | 6.1_hotfix_2.0 |
References
Related
nvd
nvd
CVE-2005-1784
2005-05-27 04:00:00
cvelist
cvelist
CVE-2005-1784
2022-10-03 16:22:42
nessus
nessus
Hosting Controller < 6.1 Hotfix 2.1 Multiple Vulnerabilities
2005-05-30 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.5%
Related for CVE-2005-1784