Unrated severityNVD Advisory· Published Oct 31, 2006· Updated Apr 23, 2026
CVE-2006-5629
CVE-2006-5629
Description
Multiple SQL injection vulnerabilities in Hosting Controller 6.1 before Hotfix 3.3 allow remote attackers to execute arbitrary SQL commands via the ForumID parameter in (1) DisableForum.asp and (2) enableForum.asp. NOTE: it was later reported that the vulnerability is present in 6.1 Hotfix 3.3 and earlier.
Affected products
18cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*range: <=6.1_hotfix_3.2
- cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.9:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.0:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.1:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.2:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.3:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.4:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_3.1:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:2002:*:*:*:*:*:*:*
- cpe:2.3:a:hosting_controller:hosting_controller:2002_rc_1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- securitytracker.com/idnvdExploitPatch
- www.kapda.ir/advisory-442.htmlnvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/20661nvdExploitPatch
- secunia.com/advisories/22607nvdVendor Advisory
- secunia.com/advisories/28973nvdVendor Advisory
- www.vupen.com/english/advisories/2006/4296nvdVendor Advisory
- hostingcontroller.com/english/logs/Post-Hotfix-3_3-sec-Patch-ReleaseNotes.htmlnvd
- www.securityfocus.com/archive/1/485028/100/0/threadednvd
- www.securityfocus.com/bid/26862nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/39036nvd
- www.exploit-db.com/exploits/4730nvd
News mentions
0No linked articles in our index yet.