Web application abuses : Beerwin's PhpLinkAdmin <= 1.0 Multiple Vulnerabilities

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.100058

Category: Web application abuses

Title: Beerwin's PhpLinkAdmin <= 1.0 Multiple Vulnerabilities - Active Check

Summary: Beerwin's PhpLinkAdmin is prone to multiple input validation; vulnerabilities, including a remote file include (RFI) issue and multiple SQL injection (SQLi); issues.

Description: Summary:
Beerwin's PhpLinkAdmin is prone to multiple input validation
vulnerabilities, including a remote file include (RFI) issue and multiple SQL injection (SQLi)
issues.

Vulnerability Impact:
A successful exploit may allow an attacker to execute malicious
code within the context of the webserver process, compromise the application, access or modify
data, or exploit latent vulnerabilities in the underlying database.

Affected Software/OS:
Beerwin's PhpLinkAdmin version 1.0 and probably prior.

Solution:
No known solution was made available for at least one year
since the disclosure of this vulnerability. Likely none will be provided anymore. General
solution options are to upgrade to a newer release, disable respective features, remove the
product or replace the product by another one.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1024
BugTraq ID: 34129
http://www.securityfocus.com/bid/34129
https://www.exploit-db.com/exploits/8216
http://osvdb.org/52778
http://secunia.com/advisories/34323
http://www.vupen.com/english/advisories/2009/0733
XForce ISS Database: phplinkadmin-edlink-sql-injection(49265)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49265

Copyright Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.100058
Category:	Web application abuses
Title:	Beerwin's PhpLinkAdmin <= 1.0 Multiple Vulnerabilities - Active Check
Summary:	Beerwin's PhpLinkAdmin is prone to multiple input validation; vulnerabilities, including a remote file include (RFI) issue and multiple SQL injection (SQLi); issues.
Description:	Summary: Beerwin's PhpLinkAdmin is prone to multiple input validation vulnerabilities, including a remote file include (RFI) issue and multiple SQL injection (SQLi) issues. Vulnerability Impact: A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Affected Software/OS: Beerwin's PhpLinkAdmin version 1.0 and probably prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1024 BugTraq ID: 34129 http://www.securityfocus.com/bid/34129 https://www.exploit-db.com/exploits/8216 http://osvdb.org/52778 http://secunia.com/advisories/34323 http://www.vupen.com/english/advisories/2009/0733 XForce ISS Database: phplinkadmin-edlink-sql-injection(49265) https://exchange.xforce.ibmcloud.com/vulnerabilities/49265
Copyright	Copyright (C) 2009 Greenbone AG