Hosting Controller Unauthorized File Access and Upload Vulnerability

Hosting Controller is an application which centralizes all hosting tasks to one interface. Hosting Controller gives every user the required control they need to manage the appropriate web site relevant to them. Hosting Controller runs on Microsoft Windows systems.

Reportedly, an issue exists in Hosting Controller which could enable a user to read, delete and upload arbitrary files to the host.

Due to a flaw in filemanager.asp a user could exploit this issue by attempting to connect to an existing account and specifying '../' character sequences.


Privacy Statement
Copyright 2010, SecurityFocus