Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Hot Links download backup authorized vulnerabilities

From: hack2prison () yahoo com
Date: 15 Nov 2006 05:26:06 -0000
Hot Links is web directory system provided by mrcgiguy.com contain PHP+MySQL version and Perl version and PHP withou 
MySQL. All version are vulnerabilities

If admin backup database will store on server and attacker can download without authorized:
http://[domain.ext]/[path]/dlback.php?dl=fullback

Contact vendor but no reply.
Previous By Date Next
Previous By Thread Next

Current thread: