Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6603


Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6603
Last Modified 03 Apr 2009 01:27:02
Published 31 Dec 2007 03:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php.

Vulnerable Systems


  • Hotscripts Hot Or Not Clone


MILW0RM - 4804

OSVDB - 40572

XF - hotornotclone-backup-info-disclosure(39344)

SECUNIA - 28261

Last Updated: 27 May 2016 10:46:32