CVE-2005-0695

The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the "login ID" field.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*
cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*
cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*
cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*
cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*
cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:*

History

20 Nov 2024, 23:55

Type Values Removed Values Added
References () http://isun.shabgard.org/hc2.txt - Patch, Vendor Advisory () http://isun.shabgard.org/hc2.txt - Patch, Vendor Advisory
References () http://marc.info/?l=bugtraq&m=111026083314947&w=2 - () http://marc.info/?l=bugtraq&m=111026083314947&w=2 -
References () http://secunia.com/advisories/14522 - Patch, Vendor Advisory () http://secunia.com/advisories/14522 - Patch, Vendor Advisory

Information

Published : 2005-03-07 05:00

Updated : 2024-11-20 23:55


NVD link : CVE-2005-0695

Mitre link : CVE-2005-0695

CVE.ORG link : CVE-2005-0695


JSON object : View

Products Affected

hosting_controller

  • hosting_controller