Hosting Controller 6.1 - 'plandetails.asp' Information Disclosure

EDB-ID:

25754




Platform:

ASP

Date:

2005-05-28


source: https://www.securityfocus.com/bid/13806/info
 
Hosting Controller is reported prone to multiple vulnerabilities. These issues can allow an attacker gain unauthorized access to data and carry out SQL injection attacks.
 
These issues reportedly affect Hosting Controller 6.1 HotFix 2.0 and prior versions.

http://www.example.com/admin/hosting/plandetails.asp?hostcustid=[PlanID]