exploit-db-mirror/exploits/php/webapps/24655.txt
Offensive Security d304cc3d3e DB: 2017-11-24
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

9 lines
No EOL
647 B
Text

source: http://www.securityfocus.com/bid/11329/info
PHPLinks is reported prone to multiple input validation vulnerabilities.
A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PHP scripts. Code execution will occur in the context of the web server process that is hosting the vulnerable script.
SQL injection issues are reported to exist in the application as well. Due to this, attackers may supply malicious parameters to manipulate the structure and logic of SQL queries.
www.example.com/phplinks/index.php?show=../../../../../../some/some/execute