Description
Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Soroush Dalili · textremotewindows
https://www.exploit-db.com/exploits/1096
References (1)
Core 1
Core References
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014443
Scores
EPSS
0.0026
EPSS Percentile
49.7%
Details
Status
published
Products (1)
hosting_controller/hosting_controller
6.1_hotfix_2.1
Published
Jul 12, 2005
Tracked Since
Feb 18, 2026