QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0466

Published: Jun 11, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

20020105 Hosting Controller's - Multiple Security Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

hosting-controller-directory-browsing(7823)

vdb-entry

x_refsource_XF

http://www.hostingcontroller.com/english/patches/ForAll/download/foldersecurity.zip

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.