[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Hot Links download backup authorized vulnerabilities (re-post
From: hack2prison () yahoo ! com
Date: 2006-11-15 5:28:31
Message-ID: 20061115052831.20288.qmail () securityfocus ! com
[Download RAW message or body]
Hot Links is web directory system provided by mrcgiguy.com contain PHP+MySQL version and Perl version and PHP withou MySQL. All version are vulnerabilities
If admin backup database will store on server and attacker can download without authorized:
http://[domain.ext]/[path]/dlback.php?dl=fullback for PHP+MySQL ver. Perl is same above, you try it.
Contact vendor but no reply.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic