Hosting Controller AccountActions.asp and saveuploadfiles.asp vulns (PoC)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, i've found 2 vulnerabilities in Hosting Controller that allows remote authenticated users to change every user password or upload files in every directory. Here are the PoC: This allows to modify passwords: form...