RSS   Vulnerabilities for 'Hostadmin'   RSS

2009-02-20
 
CVE-2008-6164

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

 
2007-02-23
 
CVE-2006-7056

CWE-Other
 

 
Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) functions.php and (2) members.php. NOTE: the index.php vector is covered by CVE-2006-0791.

 
2006-02-19
 
CVE-2006-0791

CWE-Other
 

 
PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.

 

 >>> Vendor: Dreamcost 2 Products
Hostadmin
Dreamaccount


Copyright 2022, cxsecurity.com

 

Back to Top