CVE-2004-1217

Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.

Published: Jan 10, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-1217
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
hosting_controller / hosting_controller	6.1_hotfix_1.4	6.1_hotfix_1.4.x
hosting_controller / hosting_controller	6.1	6.1.x

http://marc.info/?l=bugtraq&m=110237762807764&w=2
http://www.securityfocus.com/bid/11822
https://exchange.xforce.ibmcloud.com/vulnerabilities/18363

Vulnerability Database

289,871

CVE-2004-1217