7 lines
No EOL
579 B
Text
7 lines
No EOL
579 B
Text
source: http://www.securityfocus.com/bid/4778/info
|
|
|
|
Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.
|
|
|
|
The 'browse.asp' script is prone to an issue which may allow a remote attacker to view the contents of arbitrary files and directories. The attacker must provide a malicious value as a URL parameter in a request for the affected script, which will be read with the privileges of the web server process.
|
|
|
|
http://target/admin/browse.asp?FilePath=c:\&Opt=2&level=0 |