CVE-2005-1784

2022-10-0316:22:42

mitre

www.cve.org

hosting controller

vulnerability

email parameter

remote attackers

privileges

userprofile.asp

6.9 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.

References

securitytracker.com/id?1014062