Description - Multiple XSS and SQL Injection in Links Manager
Multiple Vulnerabilities found in Links Manager script.
- Exploit
- Available
- Solution
- Not available - check CloudNine Interactive website
1. SQL Injection.
Vulnerable script: admin.php
Parameter nick is not properly sanitized before being used in SQL query. This can be used to bypass authentication or make any SQL query by injecting arbitrary SQL code.
Condition: magic_quotes_gpc = off
2. Cross-Site Scripting.
Vulnerable Script: add_url.php
Parameters title description keywords are not properly sanitized. This can be used to post arbitrary HTML or web script code. This code will be executed when administrator will visit control panel for link approval.
Order PHP Code Analysis
You may order source code audit of your site or web application done by Aliaksandr Hartsuyeu.The work will be done by specialists in web application security.