CVE-2006-7086

Sažetak

The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.

Reference

http://marc.info/?l=bugtraq&m=116370290529916&w=2
http://marc.info/?l=bugtraq&m=116373064308228&w=2
http://secunia.com/advisories/22970
http://www.securityfocus.com/bid/21112
http://www.vupen.com/english/advisories/2006/4585
https://exchange.xforce.ibmcloud.com/vulnerabilities/30340

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

10-06-2020 - 12:46

Objavljeno

02-03-2007 - 21:18