|
|
CVE Reference: CVE-2007-6603 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-6603 |
|
|
Description: Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/39344 SAID Secunia Advisory: SA28261 OSVDB 40572 MILW0RM http://www.milw0rm.com/exploits/4804 |
|
| Return to the previous page. |
