Lucene search
R0tEDB-ID:27854HistoryApr 25, 2006 - 12:00 a.m.
Cartweaver 2.16.11 Details.cfm ProdID Parameter SQL Injection
2006-04-2500:00:00
r0t
www.exploit-db.com
68
EPSS
0.009
Percentile
82.6%
Cartweaver 2.16.11 Details.cfm ProdID Parameter SQL Injection. CVE-2006-2046. Webapps exploit for cfm platform
source: http://www.securityfocus.com/bid/17941/info
Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries.
Successful exploits could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
http://www.example.com/Details.cfm?ProdID=[SQL]
Related
nvd
nvd
CVE-2006-2046
2006-04-26 20:06:00
CVE-2008-2918
2008-06-30 18:24:00
prion
prion
Sql injection
2006-04-26 20:06:00
Sql injection
2008-06-30 18:24:00
cve
cve
CVE-2006-2046
2006-04-26 20:06:00
CVE-2008-2918
2008-06-30 18:24:00
exploitdb
exploitdb
Cartweaver 2.16.11 - 'Results.cfm' SQL Injection
2006-04-25 00:00:00
Cartweaver 2.16.11 - 'ProdID' SQL Injection
2007-08-06 00:00:00
cvelist
cvelist
CVE-2006-2046
2006-04-26 20:00:00
CVE-2008-2918
2008-06-30 18:00:00