Vulnerabilities (CVE)

Filtered by vendor Dreamcost Subscribe

Filtered by product Hostadmin

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2008-6164	1 Dreamcost	1 Hostadmin	2024-02-04	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-7056	1 Dreamcost	1 Hostadmin	2024-02-04	6.8 MEDIUM	N/A
Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) functions.php and (2) members.php. NOTE: the index.php vector is covered by CVE-2006-0791.
CVE-2006-0791	1 Dreamcost	1 Hostadmin	2024-02-04	7.5 HIGH	N/A
PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.