header-logo
Suggest Exploit
vendor:
PHPLinks
by:
Unknown
N/A
CVSS
N/A
Input validation vulnerabilities
Unknown
CWE
Product Name: PHPLinks
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: No
Related CWE:
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Multiple input validation vulnerabilities in PHPLinks

PHPLinks is reported prone to multiple input validation vulnerabilities. A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PHP scripts. Code execution will occur in the context of the web server process that is hosting the vulnerable script. SQL injection issues are reported to exist in the application as well. Due to this, attackers may supply malicious parameters to manipulate the structure and logic of SQL queries.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11329/info

PHPLinks is reported prone to multiple input validation vulnerabilities. 

A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PHP scripts. Code execution will occur in the context of the web server process that is hosting the vulnerable script.

SQL injection issues are reported to exist in the application as well. Due to this, attackers may supply malicious parameters to manipulate the structure and logic of SQL queries.

www.example.com/phplinks/index.php?show=../../../../../../some/some/execute

Navigation

Suggest Exploit

Services By CQR