CVE Vulnerabilities

CVE-2006-0581

Published: Feb 08, 2006 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.

Affected Software

Name Vendor Start Version End Version
Hosting_controller Hosting_controller 6.1_hotfix_2.8 6.1_hotfix_2.8

References