Hamid Kashfi

**Name of the Vulnerable Software and Affected Versions** Hosting Controller versions 6.1 Hotfix 1.7 and earlier **Description** The issue allows remote attackers to obtain sensitive information via a direct request to "HCDiskQuotaService.csv". This is because log files are stored under the web root. **Recommendations** For Hosting Controller versions 6.1 Hotfix 1.7 and earlier, consider restricting access to the log files, specifically "HCDiskQuotaService.csv", to prevent remote attackers from obtaining sensitive information. As a temporary workaround, consider moving log files outside of the web root until a more permanent solution is available.

**Name of the Vulnerable Software and Affected Versions** Hosting Controller versions 6.1 Hotfix 1.7 and earlier **Description** The password recovery feature in the vulnerable software allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the `login ID` field in the "forgotpassword.asp" page. **Recommendations** For Hosting Controller versions 6.1 Hotfix 1.7 and earlier, consider disabling the password recovery feature or restricting access to the "forgotpassword.asp" page until a fix is available. As a temporary workaround, avoid using the `login ID` field with partial domain names to minimize the risk of exploitation.