header-logo
Suggest Exploit
vendor:
Web_Links Module
by:
SecurityFocus
7.5
CVSS
HIGH
Multiple Input Validation Vulnerabilities
89
CWE
Product Name: Web_Links Module
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

PHPNuke Web_Links Module Multiple Input Validation Vulnerabilities

It has been reported that multiple input validation bugs exist in the Web_Links module used by PHPNuke. Because of this, a remote user may be able to access the database and potentially gain access to sensitive information. Successful exploitation could result in compromise of the web forums or more severe consequences. An attacker can exploit this vulnerability by sending a specially crafted URL to the vulnerable server, such as: http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=2%20<our_code>, where <our_code> represents attacker-supplied SQL code.

Mitigation:

Input validation should be performed to ensure that user-supplied data is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7558/info

It has been reported that multiple input validation bugs exist in the Web_Links module used by PHPNuke. Because of this, a remote user may be able to access the database and potentially gain access to sensitive information. Successful exploitation could result in compromise of the web forums or more severe consequences. 

http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=2%20<our_code>

where <our_code> represents attacker-supplied SQL code.

Navigation

Suggest Exploit

Services By CQR