Vendor: Superlinks Plugin
By: Napsterakos
CVSS: N/A
Severity: HIGH
Type: SQL Injection
CWE: 89
Product Name: Superlinks Plugin
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2014

Cacti – Superlinks Plugin SQL Injection

The Cacti Superlinks plugin is vulnerable to SQL injection through the id parameter of superlinks.php.

Mitigation:

Update to the latest version of the Superlinks plugin or remove it if not necessary.

Exploit-DB raw data:

 $$$$$$\      $$\   $$\     $$$$$$\  
$$  __$$\     $$ |  $$ |   $$  __$$\ 
$$ /  \__|    $$ |  $$ |   $$ /  \__|
$$ |$$$$\     $$$$$$$$ |   \$$$$$$\  
$$ |\_$$ |    $$  __$$ |    \____$$\ 
$$ |  $$ |    $$ |  $$ |   $$\   $$ |
\$$$$$$  |$$\ $$ |  $$ |$$\\$$$$$$  |
 \______/ \__|\__|  \__|\__|\______/ 
 
# Exploit Title: Cacti - Superlinks Plugin SQL Injection
# Google Dork: inurl:"/cacti/plugins/superlinks/"
# Date: 18/06/2014
# Exploit Author: Napsterakos
# Software Link: http://docs.cacti.net/plugin:superlinks


Link: http://localhost/cacti/plugins/superlinks/

Exploit: http://localhost/cacti/plugins/superlinks/superlinks.php?id=[SQLi]

Credits to: Greek Hacking Scene