CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0685

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1530%
EPSS Percentile44.17th
PublishedFeb 15, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.

Affected Platforms (CPE)

πŸ“¦
Virtual Hosting Control System

Virtual Hosting Control System

<= 2.4.7.1

References & Advisories

πŸ”— http://secunia.com/advisories/18799
πŸ”— http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt
πŸ”— http://www.securityfocus.com/archive/1/424816/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/16600
πŸ”— http://www.vupen.com/english/advisories/2006/0534
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/24666
πŸ”— http://secunia.com/advisories/18799
πŸ”— http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt

Related Vulnerabilities

CVE-2006-068610.0

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new adminis...

CVE-2017-122519.9

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker t...

CVE-2020-74529.1

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11...

CVE-2021-36538.8

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual...