A new exploit from vulnwatch has arrived overnight in my inbox, it is for the popular web hosting management tool vhcs, Virtual Control Hosting System. This exploit is particularly good because it gives you the ability to create a full ADMIN account on any server running the vulnerable vhcs software, which ATM is ALL THE VERSIONS. This would allow full control of the server, and all subdomains etc that are hosted on it, this kind of control could lead to phishing attacks (redirect traffic to spoof site still keeping the url the same), stealing *****, accounts, defacing sites, basically you can do what you want with this sort of control, the news stories of people hacking into major websites is usually done through exploits like this. The full email is in next post: