CVE-2005-1128

Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries...

EUVD-2006-2175

Malware in sbrugna...

EUVD-2005-3908

Malware in sbrugna...

EUVD-2006-0693

Malware in sbrugna...

EUVD-2005-1131

Malware in sbrugna...

EUVD-2006-0691

Malware in sbrugna...

VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit

No description provided by source. !/usr/bin/php -q ?php errorreportingEALL ^ ENOTICE; darkfig@darky:/ ./vhcssploit.php -url http://localhost/vhcs2/ VHCS = 2.4.7.1 vhcs2daemon Remote Root Exploit -------------------------------------------------- About: by DarkFig gmdarkfig at gmail dot com...

Virtual Hosting Control System 2.2/2.4 change_password.php Current Password Weakness

No description provided by source. source: http://www.securityfocus.com/bid/16600/info Virtual Hosting Control System VHCS is prone to multiple input and access vulnerabilities. VHCS is prone to an HTML-injection vulnerability and an authentication-bypass vulnerability. These issues could be...

Virtual Hosting Control System 2.2/2.4 login.php check_login() Function Authentication Bypass

No description provided by source. source: http://www.securityfocus.com/bid/16600/info Virtual Hosting Control System VHCS is prone to multiple input and access vulnerabilities. VHCS is prone to an HTML-injection vulnerability and an authentication-bypass vulnerability. These issues could be...

VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit

No description provided by source. html head titleVHCS version = 2.4.7.1 PoC. By RoMaNSoFt/title script language=JavaScript function submitform if document.adminadduser.username.value=='admin' alert'Learn to read before launching an exploit, script-kiddie!'; exit;...

VHCS &lt;= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit

No description provided by source. !/usr/bin/php -q ?php errorreportingEALL ^ ENOTICE; darkfig@darky:/ ./vhcssploit.php -url http://localhost/vhcs2/ VHCS = 2.4.7.1 vhcs2daemon Remote Root Exploit -------------------------------------------------- About: by DarkFig gmdarkfig at gmail dot com...

VHCS &lt;= 2.4.7.1 &#40;vhcs2_daemon&#41; Remote Root Exploit

!/usr/bin/php -q ?php This file requires the PhpSploit class. If you want to use this class, the latest version can be downloaded from acid-root.new.fr. errorreportingEALL ^ ENOTICE; require'phpsploitclass.php'; darkfig@darky:/ ./vhcssploit.php -url http://localhost/vhcs2/ VHCS = 2.4.7.1...

VHCS 2.4.7.1 - &#039;vhcs2_daemon&#039; Remote Code Execution

!/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller has 2 users + Host domaintest.fr is connected /...

VHCS 2.4.7.1 - vhcs2_daemon Remote Code Execution

VHCS 2.4.7.1 - vhcs2daemon Remote Code Execution !/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller...

VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit

Exploit for linux platform in category remote exploits ================================================== VHCS http://acid-root.new.fr/ email protected Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwn...

VHCS PHPSESSID Cookie Session Fixation

The remote host is running VHCS, a control panel for hosting providers. The GUI portion of the version of VHCS installed on the remote host accepts session identifiers from GET and likely POST variables, which makes it susceptible to a session fixation attack. An attacker may be able to exploit...

CVE-2007-3988

Session fixation vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

Session fixation

Session fixation vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

CVE-2007-3988

CVE-2007-3988 affects Virtual Hosting Control System (VHCS) up to version 2.4.7.1. The issue is a session fixation vulnerability where the web GUI accepts PHPSESSID values from GET/POST, enabling a remote attacker to hijack a user session. Impact is partial confidentiality/integrity/availability ...

CVE-2007-3988

Session fixation vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...