Back to search
CVE-2007-6603
Published: Dec 31, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
4804
exploit
x_refsource_EXPLOIT-DB
40572
vdb-entry
x_refsource_OSVDB
28261
third-party-advisory
x_refsource_SECUNIA
hotornotclone-backup-info-disclosure(39344)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now