- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 29047
- Проверка EDB
-
- Пройдено
- Автор
- HACK2PRISON
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-7086
- Дата публикации
- 2006-11-15
Код:
source: https://www.securityfocus.com/bid/21112/info
Hot Links is prone to an information-disclosure vulnerability because it fails to authenticate the user during specific download requests.
An attacker can exploit this issue to retrieve administrative backup files. Information obtained may aid in further attacks.
All versions of Hot Links SQL-PHP and Hot Links Pro are vulnerable; other forks may also be affected.
http://www.example.com/[path]/dlback.php?dl=fullback- Источник
- www.exploit-db.com
