Hotscripts : Security Vulnerabilities, CVEs, Published In 2007

CVE-2007-6603

Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php.
Max CVSS
5.0
EPSS Score
0.83%
Published
2007-12-31
Updated
2017-09-29

CVE-2007-6084

SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2007-11-22
Updated
2017-09-29

CVE-2007-4371

Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/.
Max CVSS
6.8
EPSS Score
0.95%
Published
2007-08-15
Updated
2018-10-15
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close