|
CVE Reference: CVE-2007-6603
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2007-6603
|
|
Description:
Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php.
|
|
CVE Status:
Candidate
|
|
References:
XF http://xforce.iss.net/xforce/xfdb/39344
SAID Secunia Advisory: SA28261
OSVDB 40572
MILW0RM http://www.milw0rm.com/exploits/4804
|
|
|
Return to the previous page.
|