Intrusion Prevention

MonitorLine.Links.Management.Index.PHP.SQL.Injection

Description

This indicates an attempt to exploit a SQL injection vulnerability in Links Management Application.
The vulnerability can be exploited by sending a specially crafted HTTP request, with injected SQL statements in the "lcnt" parameter, to the "index.php" script. A remote attacker can exploit this to execute arbitrary SQL commands on the back end database.

Affected Products

Links Management Application version 1.0 and prior.

Impact

System compromise: SQL command injection.

Recommended Actions

Currently we are not aware of any vendor supplied fix for this issue.

CVE References

CVE-2007-1339