Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Link Bid Script - 'links.php' SQL Injection

🗓️ 14 May 2010 00:00:00Reported by R3d-D3V!LType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 39 Views

SQL Injection vulnerability in Link Bid Script 'links.php

Code
######################{In The Name Of Allah The Mercifull} ######################

[~] Tybe: SQL Injection Vulnerabilities 
[~] Vendor: www.linkbidscript.com 
[+] Software: Link Bid Script  
[+] author: ((R3d-D3v!L)) 
[~] 
[+] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY ---->((4.!.5)) 
[~] 
[?] contact: X[at]hotmail.co.jp 
[-] 
[?] Date: 14.Jan.2010 
[?] T!ME: 05:15 am GMT 
[?] Home: © Offensive Security 
[?] 
  
====================================================================================== 
# SQL Injection # links.php id 
====================================================================================== 
[*] Err0r C0N50L3: 
http://127.0.0.1/links.php?id={EV!L EXPLO!T} 
  
[*] prove of concept


when you put ' after id num you can see the page is changed 



and when you put {order+by+1} after id you can see the normal page


  the order is accepted so the script is infected.
  
[~]-----------------------------{((MAGOUSH-87))}------------------------------------------------# 
# 
[~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] # 
# 
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ # 
# 
[~] spechial thanks : ((HITLER JEDDAH & S!R TOTT! & DR.DAShER)) # 
# 
[?]spechial SupP0RT : MY M!ND # © Offensive Security # 
# 
[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L<--M2Z--->JUPA<---aNd--->Devil ro0t)) # 
# 
[~]spechial FR!ND: 0r45hy # 
# 
[~] !'M 4R48!4N 3XPL0!73R. # 
# 
[~]{[(D!R 4ll 0R D!E)]}; # 
# 
[~]---------------------------------------------------------------------------------------------

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 May 2010 00:00Current
7.4High risk
Vulners AI Score7.4
sql injectionlink bid scriptvulnerabilitiesarab!an !nformat!on secur!tyoffensive security
39