Hosting Controller still have dangerous bugs!

[hdlkha () yahoo com <hdlkha () yahoo com>]

-Vulnerable versions: all HC versions.

1.Database directory travelsal:
By adding slash dot dot,the user can view the files,folders 
located on the sytem and can add DSN out of user root 
directory.
http://www.target.com/admin/dsn/dsnmanager.asp?
DSNAction=ChangeRoot&RootName=D:\webspace\opendnsserver\targ
et\target.com\db\..\..\..\..\
2.Any user can bypass the authority to take control of any 
files on the system:
This vulnerability is on the /import/imp_rootdir.asp file 
that  let any user can copy,delete files,folders on the 
system.
The user can easily take control of any files just by 
changing the import directory:
http://www.target.com/admin/import/imp_rootdir.asp?
result=1&www=C:\&ftp=C:\&owwwPath=C:\&oftpPath=C:\

-Exploit:By default,advwebadmin is in Administrator group 
so any scripts run under /admin directory will have 
administrator privilege on the system root.The user can 
upload malicious script code to /admin directory and 
execute arbitrary command via browser.

-Workaround:looking for the newest patch for HC from 
www.hostingcontroller.com

KHA
hdlkha () yahoo com
http://www.viethacker.net