MonitorLine.Links.Management.Index.PHP.SQL.Injection
Description
This indicates an attempt to exploit a SQL injection vulnerability in Links Management Application.
The vulnerability can be exploited by sending a specially crafted HTTP request, with injected SQL statements in the "lcnt" parameter, to the "index.php" script. A remote attacker can exploit this to execute arbitrary SQL commands on the back end database.
Affected Products
Links Management Application version 1.0 and prior.
Impact
System compromise: SQL command injection.
Recommended Actions
Currently we are not aware of any vendor supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |