CVE-2002-0465

Name of the Vulnerable Software and Affected Versions Hosting Controller versions 1.4.1 and earlier

Description A directory traversal issue in the filemanager.asp component allows remote attackers to read and modify arbitrary files and execute commands by utilizing a .. (dot dot) in the OpenPath parameter.

Recommendations For Hosting Controller versions 1.4.1 and earlier, consider restricting access to the filemanager.asp component until a fix is available. As a temporary workaround, avoid using the OpenPath parameter with .. (dot dot) sequences to minimize the risk of exploitation.