Description
Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.
Exploits (1)
References (3)
Core 3
Core References
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11822
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110237762807764&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18363
Scores
EPSS
0.0057
EPSS Percentile
68.6%
Details
Status
published
Products (2)
hosting_controller/hosting_controller
6.1
hosting_controller/hosting_controller
6.1_hotfix_1.4
Published
Jan 10, 2005
Tracked Since
Feb 18, 2026