CVE-2007-1339

Links Management Application < 1.0 - SQL Injection via lcnt Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1339. PoCs published by ajann.

AI-analyzed exploit summary This Perl script exploits a blind SQL injection vulnerability in Links Management Application V1.0 by injecting a malicious SQL query to extract admin credentials. It sends a crafted HTTP request to the target and parses the response to retrieve the username and password.

Description

SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ajann · perlwebappsphp

https://www.exploit-db.com/exploits/3416

View Code ZIP pw:eip

This Perl script exploits a blind SQL injection vulnerability in Links Management Application V1.0 by injecting a malicious SQL query to extract admin credentials. It sends a crafted HTTP request to the target and parses the response to retrieve the username and password.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Links Management Application V1.0

No auth needed

Prerequisites: Target URL with vulnerable endpoint · Network access to the target

MITRE ATT&CK