CVE-2009-0431

Name of the Vulnerable Software and Affected Versions LinksPro Standard Edition (affected versions not specified)

Description A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the OrderDirection parameter in the Default.asp file.

Recommendations For LinksPro Standard Edition, avoid using the OrderDirection parameter in the Default.asp file until the issue is resolved. As a temporary workaround, consider restricting access to the Default.asp file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.