ColdBookmarks 1.22 SQL Injection

2010-09-08T00:00:00
ID PACKETSTORM:93558
Type packetstorm
Reporter mr_me
Modified 2010-09-08T00:00:00

Description

                                        
                                            `# ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability  
# Vendor: http://www.coldgen.com/  
# Found by: mr_me (net-ninja.net)  
  
PoC  
http://[target]/[path]/index.cfm?fuseaction=EditBookmark&BookmarkID=[SQLi]&CFID=XXXXXX&CFTOKEN=XXXXXXXX  
  
`