SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mac_os_x | Apple | 10.4.9 (including) | 10.4.9 (including) |
| Hp-ux | Hp | * | * |
| Tru64 | Hp | 5.1b_pk2_bl22 (including) | 5.1b_pk2_bl22 (including) |
| Aix | Ibm | * | * |
| Os2 | Ibm | * | * |
| Linux_kernel | Linux | * | * |
| Windows_2000 | Microsoft | * | * |
| Windows_2003_server | Microsoft | sp2 (including) | sp2 (including) |
| Windows_95 | Microsoft | * | * |
| Windows_98 | Microsoft | * | * |
| Windows_98se | Microsoft | * | * |
| Windows_me | Microsoft | * | * |
| Windows_nt | Microsoft | 4.0 (including) | 4.0 (including) |
| Windows_xp | Microsoft | * | * |
| Sco_unix | Santa_cruz_operation | * | * |
| Solaris | Sun | * | * |
| Bsdos | Windriver | * | * |
References
- http://securityreason.com/securityalert/2285
- http://www.securityfocus.com/archive/1/435166/30/4680/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26720
- http://securityreason.com/securityalert/2285
- http://www.securityfocus.com/archive/1/435166/30/4680/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26720