7.5

CVE-2006-5630

Exploit
Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in a disableforum action in DisableForum.asp and (2) create an arbitrary forum virtual directory via an empty ForumID parameter in an enableforum action in EnableForum.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hosting ControllerHosting Controller Version <= 6.1_hotfix_3.2
Hosting ControllerHosting Controller Version6.1_hotfix_1.4
Hosting ControllerHosting Controller Version6.1_hotfix_1.7
Hosting ControllerHosting Controller Version6.1_hotfix_1.9
Hosting ControllerHosting Controller Version6.1_hotfix_2.0
Hosting ControllerHosting Controller Version6.1_hotfix_2.1
Hosting ControllerHosting Controller Version6.1_hotfix_2.2
Hosting ControllerHosting Controller Version6.1_hotfix_2.3
Hosting ControllerHosting Controller Version6.1_hotfix_2.4
Hosting ControllerHosting Controller Version6.1_hotfix_3.1
Hosting ControllerHosting Controller Version2002_rc_1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.53% 0.807
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.