Description
Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Soroush Dalili · textwebappsasp
https://www.exploit-db.com/exploits/1015
References (1)
Core 1
Core References
Exploit, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014062
Scores
EPSS
0.0044
EPSS Percentile
63.4%
Details
Status
published
Products (1)
hosting_controller/hosting_controller
< 6.1_hotfix_2.0
Published
May 27, 2005
Tracked Since
Feb 18, 2026