CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0686

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile15.12th
PublishedFeb 15, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.

Affected Platforms (CPE)

πŸ“¦
Virtual Hosting Control System

Virtual Hosting Control System

<= 2.4.7.1

References & Advisories

πŸ”— http://secunia.com/advisories/18799
πŸ”— http://securityreason.com/securityalert/430
πŸ”— http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt
πŸ”— http://www.securityfocus.com/archive/1/424816/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/16600
πŸ”— http://www.vupen.com/english/advisories/2006/0534
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/24667
πŸ”— http://secunia.com/advisories/18799

Related Vulnerabilities

CVE-2006-068510.0

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authenticati...

CVE-2017-122519.9

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker t...

CVE-2020-74529.1

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11...

CVE-2021-36538.8

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual...