<<< Date Index >>>     <<< Thread Index >>>

Hot Links download backup authorized vulnerabilities (re-post with some edit)



Hot Links is web directory system provided by mrcgiguy.com contain PHP+MySQL 
version and Perl version and PHP withou MySQL. All version are vulnerabilities

If admin backup database will store on server and attacker can download without 
authorized:
http://[domain.ext]/[path]/dlback.php?dl=fullback for PHP+MySQL ver. Perl is 
same above, you try it.

Contact vendor but no reply.