CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-0686

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile15.12th
Published2006年2月15日
Last Modified2026年4月16日

Vulnerability Description

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.

Affected Platforms (CPE)

📦
Virtual Hosting Control System

Virtual Hosting Control System

<= 2.4.7.1

References & Advisories

🔗 http://secunia.com/advisories/18799
🔗 http://securityreason.com/securityalert/430
🔗 http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt
🔗 http://www.securityfocus.com/archive/1/424816/100/0/threaded
🔗 http://www.securityfocus.com/bid/16600
🔗 http://www.vupen.com/english/advisories/2006/0534
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/24667
🔗 http://secunia.com/advisories/18799

関連する脆弱性情報

CVE-2006-068510.0

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authenticati...

CVE-2017-122519.9

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker t...

CVE-2020-74529.1

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11...

CVE-2021-36538.8

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual...