CVE-2007-6495

NONECVSS 0.0

0.0

inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the permissions of directories named (1) db, (2) www, (3) Special, and (4) log at arbitrary locations under the web root via a modified Dirroot parameter in an AddUser action to accounts/AccountActions.asp. NOTE: this can be leveraged for remote code execution by changing the permissions of \Forum\db, which is configured for execution of ASP scripts with administrative privileges, and then uploading a script to \Forum\db.

🔗 References (16)

cve@mitrehttp://hostingcontroller.com/english/logs/Post-Hotfix-3_3-sec-Patch-ReleaseNotes.html
cve@mitrehttp://osvdb.org/44184
cve@mitrehttp://secunia.com/advisories/28973
cve@mitrehttp://securityreason.com/securityalert/3474
cve@mitrehttp://securitytracker.com/id?1019222
cve@mitrehttp://www.securityfocus.com/archive/1/485028/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/26862
cve@mitrehttps://www.exploit-db.com/exploits/4730
af854a3a-2127-422b-91ae-364da2661108http://hostingcontroller.com/english/logs/Post-Hotfix-3_3-sec-Patch-ReleaseNotes.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/44184
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28973
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3474
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019222
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/485028/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26862

Is Your Infrastructure Affected by CVE-2007-6495?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-6495

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-6495?