Hot Links download backup authorized vulnerabilities (re-post with some edit)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Hot Links download backup authorized vulnerabilities (re-post with some edit)

Subject: Hot Links download backup authorized vulnerabilities (re-post with some edit)
Date: 15 Nov 2006 05:28:31 -0000
From: suppressed

Hot Links is web directory system provided by mrcgiguy.com contain PHP+MySQL version and Perl version and PHP withou MySQL. All version are vulnerabilities

If admin backup database will store on server and attacker can download without authorized:
http://[domain.ext]/[path]/dlback.php?dl=fullback for PHP+MySQL ver. Perl is same above, you try it.

Contact vendor but no reply.

Prev by Date: Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure
Next by Date: eggblog=> 3.1.0 Cross Site Scripting
Previous by thread: worksystem => Remote File Include Vulnerability Exploit
Next by thread: eggblog=> 3.1.0 Cross Site Scripting
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.