CVE-2006-6814

Name of the Vulnerable Software and Affected Versions: Hosting Controller version 7c

Description: A directory traversal issue exists, allowing remote authenticated users to read and modify arbitrary files and list directories via .. sequences in the BrowsePath parameter.

Recommendations: For version 7c, consider restricting access to the FolderManager/FolderManager.aspx page until a patch is available, and avoid using the BrowsePath parameter with untrusted input to minimize the risk of exploitation.