EthicLinks SQL Injection and XSS Vuln

[o] EthicLinks SQL Injection and XSS Vulnerability
Software : EthicLinks
Vendor : http://ethiclinks.com/
Author : NoGe


[o] Vulnerable file
link.php
links.php
ethiclinks.php


[o] Exploit
http://localhost/[path]/link.php?cat_id=[SQL] & [XSS]
http://localhost/[path]/links.php?cat_id=[SQL] & [XSS]
http://localhost/[path]/ethiclinks.php?cat_id=[SQL] & [XSS]


[o] Dork
"Powered by EthicLinks"


2 Responses so far.

  1. NoGe says:

    eh bikin satu site untuk private script aje cuy...