VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 31, 2006· Updated Apr 23, 2026

CVE-2006-5630

CVE-2006-5630

Description

Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in a disableforum action in DisableForum.asp and (2) create an arbitrary forum virtual directory via an empty ForumID parameter in an enableforum action in EnableForum.asp.

Affected products

18
  • Hosting Controller/Hosting Controller18 versions
    cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*range: <=6.1_hotfix_3.2
    • cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:2002:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:2002_rc_1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.