SuperLinks SQL Injection Vulnerability

2011-07-27T00:00:00
ID 1337DAY-ID-16566
Type zdt
Reporter Daniel Godoy
Modified 2011-07-27T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: SuperLinks SQLi
# Google Dork: inurl:/superlinks/browse.php?id=
# Date: 27/01/2011
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Tested on: Linux, Windows
 
[Comment]
Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Lisandro
Lezaeta, Inyexion, Login-Root, KikoArg, Ricota,Truenex, sunplace, _tty0, TsunamiBoom
 
[POC]
http://localhost/superlinks/browse.php?id=1
 
[SQL Injection]
http://localhost/superlinks/browse.php?id=[SQLI]



#  0day.today [2018-04-12]  #