Hosting Controller 1.x Browse.ASP File Disclosure Vulnerability

ID EDB-ID:21464
Type exploitdb
Reporter Bao Dai Nhan
Modified 2002-05-19T00:00:00


Hosting Controller 1.x Browse.ASP File Disclosure Vulnerability. CVE-2002-0775. Webapps exploit for asp platform


Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.

The 'browse.asp' script is prone to an issue which may allow a remote attacker to view the contents of arbitrary files and directories. The attacker must provide a malicious value as a URL parameter in a request for the affected script, which will be read with the privileges of the web server process.