CVE-2006-7086
Hot Links - Exposure of Sensitive Information via Direct Request with Modified dl Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-7086. PoCs published by hack2prison.
AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in Hot Links SQL-PHP and Hot Links Pro. The vulnerability allows unauthenticated attackers to download administrative backup files via a direct request to 'dlback.php'.
Description
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.
Exploits (1)
This is a writeup describing an information disclosure vulnerability in Hot Links SQL-PHP and Hot Links Pro. The vulnerability allows unauthenticated attackers to download administrative backup files via a direct request to 'dlback.php'.