Lucene search
HistoryOct 31, 2006 - 10:07 p.m.
CVE-2006-5630
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0.009
Percentile
82.4%
Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in a disableforum action in DisableForum.asp and (2) create an arbitrary forum virtual directory via an empty ForumID parameter in an enableforum action in EnableForum.asp.
Affected configurations
Node
hosting_controllerhosting_controllerRange≤6.1_hotfix_3.2
ORhosting_controllerhosting_controllerMatch1.1
ORhosting_controllerhosting_controllerMatch1.3
ORhosting_controllerhosting_controllerMatch1.4
ORhosting_controllerhosting_controllerMatch1.4.1
ORhosting_controllerhosting_controllerMatch1.4b
ORhosting_controllerhosting_controllerMatch6.1
ORhosting_controllerhosting_controllerMatch6.1_hotfix_1.4
ORhosting_controllerhosting_controllerMatch6.1_hotfix_1.7
ORhosting_controllerhosting_controllerMatch6.1_hotfix_1.9
ORhosting_controllerhosting_controllerMatch6.1_hotfix_2.0
ORhosting_controllerhosting_controllerMatch6.1_hotfix_2.1
ORhosting_controllerhosting_controllerMatch6.1_hotfix_2.2
ORhosting_controllerhosting_controllerMatch6.1_hotfix_2.3
ORhosting_controllerhosting_controllerMatch6.1_hotfix_2.4
ORhosting_controllerhosting_controllerMatch6.1_hotfix_3.1
ORhosting_controllerhosting_controllerMatch2002
ORhosting_controllerhosting_controllerMatch2002_rc_1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hosting_controller | hosting_controller | * | cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 1.1 | cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 1.3 | cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 1.4 | cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 1.4.1 | cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 1.4b | cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 6.1 | cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 6.1_hotfix_1.4 | cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 6.1_hotfix_1.7 | cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:* |
| hosting_controller | hosting_controller | 6.1_hotfix_1.9 | cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.9:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0.009
Percentile
82.4%
Related for NVD:CVE-2006-5630