Lucene search
K

7 matches found

exploitpack
exploitpack
added 2008/03/09 12:0 a.m.40 views

VHCS 2.4.7.1 - vhcs2_daemon Remote Code Execution

VHCS 2.4.7.1 - vhcs2daemon Remote Code Execution !/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/09 12:0 a.m.34 views

VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution

!/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller has 2 users + Host domaintest.fr is connected /...

7.4AI score
Exploits0
Prion
Prion
added 2007/07/25 6:30 p.m.12 views

Session fixation

Session fixation vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

6.8CVSS7.2AI score0.01442EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2006/02/15 12:2 a.m.14 views

Design/Logic Flaw

adduser.php in Virtual Hosting Control System VHCS 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access...

10CVSS7.5AI score0.02815EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2006/02/15 12:2 a.m.18 views

CVE-2006-0683

Cross-site scripting XSS vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log...

4.3CVSS5.6AI score0.01299EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/02/15 12:0 a.m.23 views

CVE-2006-0686

adduser.php in Virtual Hosting Control System VHCS 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access...

6.9AI score0.02815EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/02/15 12:0 a.m.21 views

CVE-2006-0683

Cross-site scripting XSS vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log...

5.6AI score0.01299EPSS
Exploits0References6
Rows per page
Query Builder