vendor:
LinksCaffePRO
by:
sl4xUz
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: LinksCaffePRO
Affected Version From: 4.5
Affected Version To: 4.5
Patch Exists: NO
Related CWE: N/A
CPE: a:gonafish:linkscaffepro:4.5
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection Vulnerability
LinksCaffePRO is a MySQL database driven link indexing script written in PHP 4. Using the admin script, an attacker can inject malicious SQL queries in the 'idd' parameter of the 'index.php' file, allowing them to access sensitive information from the database.
Mitigation:
N/A