Hostadmin CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Dreamcost Subscriptions

Filtered by product Hostadmin Subscriptions

Search

Switch to Advanced Search (Beta)

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2006-7056	1 Dreamcost	1 Hostadmin	2025-04-09	N/A
Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) functions.php and (2) members.php. NOTE: the index.php vector is covered by CVE-2006-0791.
CVE-2008-6164	1 Dreamcost	1 Hostadmin	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-0791	1 Dreamcost	1 Hostadmin	2025-04-03	N/A
PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.

Page 1 of 1.