- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24655
- Проверка EDB
-
- Пройдено
- Автор
- LSS SECURITY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2004-10-05
PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities
Код:
source: https://www.securityfocus.com/bid/11329/info
PHPLinks is reported prone to multiple input validation vulnerabilities.
A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PHP scripts. Code execution will occur in the context of the web server process that is hosting the vulnerable script.
SQL injection issues are reported to exist in the application as well. Due to this, attackers may supply malicious parameters to manipulate the structure and logic of SQL queries.
www.example.com/phplinks/index.php?show=../../../../../../some/some/execute
- Источник
- www.exploit-db.com