browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Hosting_controller | Hosting_controller | 1.1 (including) | 1.1 (including) |
| Hosting_controller | Hosting_controller | 1.3 (including) | 1.3 (including) |
| Hosting_controller | Hosting_controller | 1.4 (including) | 1.4 (including) |
| Hosting_controller | Hosting_controller | 1.4.1 (including) | 1.4.1 (including) |
| Hosting_controller | Hosting_controller | 1.4b (including) | 1.4b (including) |