[] NeoSense
E X P L O I T S
title author type platform port cve id

MyPHPSoft MyPHPLinks 2.1.9/2.2 - SQL Injection Administration Bypassing

Author: frog
type: webapps
platform: php
port: 
date_added: 2002-12-14 
date_updated: 2012-10-19 
verified: 1 
codes: CVE-2002-2304;OSVDB-41009 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/6395/info

MyPHPLinks is a freely available, open source PHP application distributed by MyPHPSoft. It is available for Unix, Linux, and Microsoft Windows operating systems.

It has been reported that a problem with the checking of input by MyPHPLinks exists. A problem in the checking of the idsession variable used by MyPHPLinks to verify Administrator access may allow a remote user to gain access to the host. This problem could allow an attacker to gain administrator access to the MyPHPLinks section of a web site.

http://www.example.com/admin/index.php?idsession='%20OR%20''='
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.