Bug in HC

2005.12.16
Risk: Low
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

In GOD We Trust
Kachal667 Under9round Team (KuT)

Hi, here's my (LrK) new advisory about Hosting Controller.

Hosting Controller - CSS vulnerabilities
Found date: Pri8
Public Date: 02/11/2005

Summary
-------
Hosting Controller is an all-in-one administrative hosting tool for Windows. It automates a wide range of hosting tasks and provides control of each hosted site to the respective owners. Hosting Controller is now widely used by hosting providers and can be found at http://www.hostingcontroller.com.

Hosting Controller was tested (probably all prior versions as well).

Vulnerability Impact: An attacker may be able to insert their own message or photo, reach content not intended to be publicly accessible, and upload scripts to manipulate files and control the administration of sites using the latest version of Hosting Controller.

Lone Rider Knight

Details
-------
Vulnerability: Hosting Controller has a security flaw which allows outside attackers to insert their own message with CSS (cross-site scripting).

Sample scripts that allow browsing anywhere on the server:

http://www.eg.com/admin/hosting/error.asp?error=<salam!>
http://www.eg.com/admin/hosting/error.asp?error=<IMG%20height=340%20src="http://eg.com/Deface/deface.jpg"%20width="596">
http://www.eg.com/hosting/error.asp?error=<IMG%20height=340%20src="http://eg.com/Deface/deface.jpg"%20width="596">

The directory "hc" is an example of the path to the Hosting Controller script on the sample domain. The actual "hc" directory name, such as "admin" or "hostingcontroller", must be discovered for each "eg.com" and replaced in the above URL scripts.

Lone Rider Knight
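The flaw above is the error.asp page echoing its error parameter into the response unencoded. The following is an added example, not code from the advisory or from Hosting Controller: a stand-in for the vulnerable rendering beside an HTML-encoded version, plus a check over constructed IIS-style log lines that flags requests carrying markup in the error parameter of error.asp. The page structure, log format and log contents are assumptions.

```python
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Stand-ins for the error page (assumed structure, not Hosting Controller's
# actual source): the 'error' parameter is written into the HTML response.
def render_error_vulnerable(error: str) -> str:
    # Echoes the parameter verbatim, so markup in it becomes part of the page.
    return f"<html><body><p>Error: {error}</p></body></html>"

def render_error_hardened(error: str) -> str:
    # HTML-encodes the parameter: '<', '>', '&' and quotes become entities.
    return f"<html><body><p>Error: {html.escape(error, quote=True)}</p></body></html>"

def error_param(url: str) -> str:
    """Return the decoded 'error' query parameter of a request URL."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return qs.get("error", [""])[0]

# Constructed IIS W3C-style log lines (not real traffic): date time method
# uri-stem uri-query status. The second carries the advisory's IMG payload.
SAMPLE_LOG = """\
2005-12-16 10:01:02 GET /admin/hosting/error.asp error=Access+denied 200
2005-12-16 10:01:05 GET /admin/hosting/error.asp error=%3CIMG%20height=340%20src=%22http://eg.com/Deface/deface.jpg%22%3E 200
2005-12-16 10:01:09 GET /admin/hosting/login.asp - 200
"""

# Start of an HTML tag after URL-decoding; also catches '<salam!>'-style probes.
TAG_RE = re.compile(r"<\s*/?\s*[A-Za-z!]")

def suspicious_error_requests(log_text: str) -> list:
    """Return log lines where error.asp received an 'error' value holding markup."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 6 or not parts[3].endswith("/error.asp"):
            continue
        decoded = unquote(parts[4])  # uri-query field, URL-decoded
        if TAG_RE.search(decoded):
            hits.append(line)
    return hits

if __name__ == "__main__":
    poc = "http://www.eg.com/admin/hosting/error.asp?error=<salam!>"
    print(render_error_vulnerable(error_param(poc)))
    print(render_error_hardened(error_param(poc)))
    print(suspicious_error_requests(SAMPLE_LOG))
```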


Copyright 2024, cxsecurity.com