GoldLink 3.0 Cookie SQL Injection Vulnerability

2003-10-18T00:00:00
ID EDB-ID:23259
Type exploitdb
Reporter Weke
Modified 2003-10-18T00:00:00

Description

GoldLink 3.0 Cookie SQL Injection Vulnerability. CVE-2003-1504. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/8847/info

GoldLink is prone to SQL injection attacks. This is due to insufficient validation of values supplied via cookies. As a result, it may be possible to manipulate SQL queries, potentially resulting in information disclosure, bulletin board compromise or other consequences. 

vadmin_login = ' OR Login LIKE '%

and

vadmin_pass = ' OR Password LIKE '%