RSS   Vulnerabilities for 'Hot or not clone'   RSS

2007-12-31
 
CVE-2007-6603

 

 
Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php.

 

 >>> Vendor: Hotscripts 6 Products
Cyboards php lite
Neuron blog
Clone script
Hot or not clone
Pjirc
Ablespace


Copyright 2024, cxsecurity.com

 

Back to Top