Virtual Hosting Control System » Virtual Hosting Control System : Security Vulnerabilities, CVEs, CVSS score >= 9
add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.
Max CVSS
10.0
EPSS Score
1.83%
Published
2006-02-15
Updated
2018-10-19
The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.
Max CVSS
10.0
EPSS Score
8.91%
Published
2006-02-15
Updated
2018-10-19
2 vulnerabilities found