Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-425,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hostingcontroller | hosting_controller | 6.1 |
| hostingcontroller | hosting_controller | * |
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hostingcontroller | hc10 | 10.14 |