Exploit PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24655
Проверка EDB
  1. Пройдено
Автор
LSS SECURITY
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2004-10-05
PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities
Код:
source: https://www.securityfocus.com/bid/11329/info

PHPLinks is reported prone to multiple input validation vulnerabilities. 

A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PHP scripts. Code execution will occur in the context of the web server process that is hosting the vulnerable script.

SQL injection issues are reported to exist in the application as well. Due to this, attackers may supply malicious parameters to manipulate the structure and logic of SQL queries.

www.example.com/phplinks/index.php?show=../../../../../../some/some/execute
 
Источник
www.exploit-db.com

Похожие темы