[] NeoSense
E X P L O I T S
title author type platform port cve id

Hot Links - Perl PHP Information Disclosure

Author: hack2prison
type: webapps
platform: php
port: 
date_added: 2006-11-15 
date_updated: 2013-10-18 
verified: 1 
codes: CVE-2006-7086;OSVDB-30486 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/21112/info

Hot Links is prone to an information-disclosure vulnerability because it fails to authenticate the user during specific download requests.

An attacker can exploit this issue to retrieve administrative backup files. Information obtained may aid in further attacks.

All versions of Hot Links SQL-PHP and Hot Links Pro are vulnerable; other forks may also be affected.

http://www.example.com/[path]/dlback.php?dl=fullback
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.