Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hosting Controller非授权文件访问和上传漏洞
Vulnerability Description
Hosting Controller是一个Windows平台下的一体化的虚拟主机管理软件。它可以使所有网站管理活动自动化,并且给予每个Web托管的用户所需要的权限,以管理他们自己的Web网站。 Hosting Controller设计上存在漏洞,可以使远程攻击者在主机上读取、删除和上传任意文件。 软件包中的filemanager.asp存在输入验证漏洞,可以使远程攻击者通过向filemanager.asp程序发送包含"../"字串的请求,攻击者可能访问到自身管理目录以外的目录,可以在主机驱动器的任意位置读
CVSS Information
N/A
Vulnerability Type
N/A