Bug: ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities ( Ascii Version )

Search:
WLB2

ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities

Published
Credit
Risk
2006.09.08
sirdarckcat
Medium
CWE
CVE
Local
Remote
CWE-89
CVE-2006-4598
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

Discovered by Sirdarckcat from elhacker.net

------------------------------------------------------------------------
------------

ssLinks v1.22 Multiple SQL Injection Vulnerabilities

http://scripts.incutio.com/sslinks/

------------------------------------------------------------------------
------------

SSLinks is a simple PHP Program for administrating

WebSite links exchange, and administration, with a

MySql database.

It suffers of multiple SQL Injection Vulnerabilities.

------------------------------------------------------------------------
------------

SQL Injection, "go"

links.php:24-27 => global.inc.php:543-569

The variable $id is never cleaned, so in both, UPDATE and SELECT statements, is a SQL Injection Bug.

------------------------------------------------------------------------
------------

SQL Injection, "rate"

links.php:48-51 => global.inc.php:514-549

The variable $id is never cleaned, so $id is exploitable, in both, the SELECT and UPDATE statements.

------------------------------------------------------------------------
------------

Att.

SirDarckCat

elhacker.net

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version