The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the "login ID" field.
Hosting Controller forgotpassword.asp Information Disclosure
Remote / Network Access
Loss of Confidentiality
Hosting Controller contains a flaw that may allow a malicious user to disclose the hosting owner's e-mail address. The issue is triggered when the attacker knows the site's domain name, removes the .com/.net/.* portion of the name, and submits the remainder as the requested "login ID". The script then discloses the hosting owner's e-mail address.
Upgrade to version 6.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
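As an added illustration, not Hosting Controller's own code, the snippet below models the class of flaw the advisory describes under the assumption that the lookup treated the submitted login ID as a leading portion of the stored domain and then echoed the matching address; beside it is a hardened handler that matches the login ID exactly and returns the same generic message whether or not an account exists. The account records are constructed sample data.

```python
# Constructed sample account data (not real customers).
ACCOUNTS = {
    "example-hosting": {"domain": "example-hosting.com",
                        "email": "owner@example-hosting.com"},
    "other-site": {"domain": "other-site.net",
                   "email": "admin@other-site.net"},
}

GENERIC_RESPONSE = ("If that login ID exists, password recovery "
                    "instructions have been sent to the address on file.")


def forgot_password_vulnerable(login_id: str) -> str:
    """Hypothetical reconstruction of the flawed behaviour: a partial
    domain name ('example-hosting' for example-hosting.com) matches,
    and the owner's e-mail is written straight into the response."""
    for acct in ACCOUNTS.values():
        if acct["domain"].startswith(login_id):
            return f"Your password has been sent to {acct['email']}"
    return "Login ID not found"


def forgot_password_hardened(login_id: str, send_mail) -> str:
    """Hardened form: exact match on the login ID only, the address is
    used solely to deliver the mail, and the visible response does not
    reveal whether the ID exists."""
    acct = ACCOUNTS.get(login_id)          # no prefix/substring matching
    if acct is not None:
        send_mail(acct["email"])           # address never enters the response
    return GENERIC_RESPONSE


if __name__ == "__main__":
    print(forgot_password_vulnerable("example-hosting"))
    print(forgot_password_hardened("example-hosting", lambda to: None))
    print(forgot_password_hardened("no-such-id", lambda to: None))
```

The vulnerable variant also matches an empty login ID against the first record, which is the same root cause (matching on a portion of the domain rather than the exact ID) and is why the hardened form uses a plain dictionary lookup.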