CVE-2006-5881

SQL injection vulnerability in clCatListing.asp in Dynamic Dataworx NuCommunity 1.0 allows remote attackers to execute arbitrary SQL commands via the clcatID parameter...

CVE-2006-5881

CVE-2006-5881 describes a SQL injection in cl_CatListing.asp of Dynamic Dataworx NuCommunity 1.0, exploitable via the cl_cat_ID parameter. The CVSS vector (AV:N/AC:L/Au:N/C:P/I:P/A:P) yields a base score of 7.5 (HIGH), indicating partial disclosure, integrity, and availability impacts. The provid...

nucommunity-10.txt

From:Filistin,Lubnan,IraQ,Turkey !/usr/bin/perl Script Name: NuCommunity 1.0 clCatListing.asp Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : use IO::Socket; if@ARGV newProto = "tcp", PeerAddr = "$server", PeerPort = "$port" || die "\n+ Connection failed...\n"; print...

NuCommunity 1.0 - cl_CatListing.asp SQL Injection

NuCommunity 1.0 - clCatListing.asp SQL Injection !/usr/bin/perl Script Name: NuCommunity 1.0 clCatListing.asp Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : use IO::Socket; if@ARGV newProto = "tcp", PeerAddr = "$server", PeerPort = "$port" || die "\n+ Connection...

NuCommunity 1.0 - 'cl_CatListing.asp' SQL Injection

!/usr/bin/perl Script Name: NuCommunity 1.0 clCatListing.asp Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : use IO::Socket; if@ARGV newProto = "tcp", PeerAddr = "$server", PeerPort = "$port" || die "\n+ Connection failed...\n"; print $socket "GET $target\n"; print $socke...