It is a databaseless (flat-file) system.
The ZIP typically contains a directory (often named after a user or site) where media and scripts are stored. Analysts check for malicious PHP web shells disguised as standard images or text files. HotGlue_2022-01.zip
For a deeper dive into the software itself, you can review the Hotglue Manual or check community security repositories on GitHub for similar self-hosted security lab environments. It is a databaseless (flat-file) system
Researchers use these snapshots to see how attackers leverage open-source CMS tools to host phishing pages or C2 (Command and Control) scripts. HotGlue_2022-01.zip