Hot Links Perl PHP Information Disclosure Vulnerability

ID EDB-ID:29047
Type exploitdb
Reporter hack2prison
Modified 2006-11-15T00:00:00


Hot Links Perl PHP Information Disclosure Vulnerability. CVE-2006-7086. Webapps exploit for php platform


Hot Links is prone to an information-disclosure vulnerability because it fails to authenticate the user during specific download requests.

An attacker can exploit this issue to retrieve administrative backup files. Information obtained may aid in further attacks.

All versions of Hot Links SQL-PHP and Hot Links Pro are vulnerable; other forks may also be affected.[path]/dlback.php?dl=fullback