Unrated severityNVD Advisory· Published May 18, 2005· Updated Apr 16, 2026
CVE-2005-1654
CVE-2005-1654
Description
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.
Affected products
12cpe:2.3:a:hostingcontroller:hosting_controller:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:hostingcontroller:hosting_controller:*:*:*:*:*:*:*:*range: <6.1
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:-:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.0:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.1:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.2:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.3:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.4:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.5:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.6:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.7:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.8:*:*:*:*:*:*
- cpe:2.3:a:hostingcontroller:hosting_controller:6.1:hotfix1.9:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- isun.shabgard.org/hc3.txtnvdBroken LinkExploitPatch
- secunia.com/advisories/15271nvdBroken Link
News mentions
0No linked articles in our index yet.