ColdBookmarks 1.22 - SQL Injection



EKU-ID: 21290
CVE: OSVDB-67868; CVE-2010-4915
Author: mr_me
Published: 2010-09-07
Verified: Verified


# ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability
# Vendor: http://www.coldgen.com/
# Found by: mr_me (net-ninja.net)

PoC
http://[target]/[path]/index.cfm?fuseaction=EditBookmark&BookmarkID=[SQLi]&CFID=XXXXXX&CFTOKEN=XXXXXXXX
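
A defender-side check for the parameter named in the PoC, added here as an example (it is not part of the original advisory or the vendor's code): it scans web access logs for `EditBookmark` requests whose `BookmarkID` is not a plain integer. It assumes `BookmarkID` is meant to be a numeric key and that the log is in Common Log Format; the sample lines, hosts and paths are constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [07/Sep/2010:10:00:01 +0000] "GET /bookmarks/index.cfm?fuseaction=EditBookmark&BookmarkID=42&CFID=100&CFTOKEN=200 HTTP/1.1" 200 5120
192.0.2.11 - - [07/Sep/2010:10:00:05 +0000] "GET /bookmarks/index.cfm?fuseaction=EditBookmark&BookmarkID=42%27&CFID=100&CFTOKEN=200 HTTP/1.1" 500 812
192.0.2.11 - - [07/Sep/2010:10:00:09 +0000] "GET /bookmarks/index.cfm?FuseAction=editbookmark&bookmarkid=42%20AND%201%3D1&CFID=100&CFTOKEN=200 HTTP/1.1" 200 5120
192.0.2.12 - - [07/Sep/2010:10:01:00 +0000] "GET /bookmarks/index.cfm?fuseaction=ListBookmarks&CFID=101&CFTOKEN=201 HTTP/1.1" 200 9000
192.0.2.13 - - [07/Sep/2010:10:02:00 +0000] "GET /bookmarks/index.cfm?fuseaction=EditBookmark&BookmarkID=7&BookmarkID=x&CFID=1&CFTOKEN=2 HTTP/1.1" 200 5120
"""

# Captures the client address and the request target from one log line.
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')
INT_RE = re.compile(r"[0-9]{1,10}")  # assumption: BookmarkID is a numeric key

def suspicious_editbookmark_requests(log_text):
    """Return (client, decoded BookmarkID values) for EditBookmark requests
    in which any BookmarkID value is not a plain decimal integer."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        parts = urlsplit(target)
        if not parts.path.lower().endswith("/index.cfm"):
            continue
        # Parameter names and the fuseaction value are compared case-insensitively.
        params = {}
        for key, values in parse_qs(parts.query, keep_blank_values=True).items():
            params.setdefault(key.lower(), []).extend(values)
        actions = [a.lower() for a in params.get("fuseaction", [])]
        if "editbookmark" not in actions:
            continue
        ids = params.get("bookmarkid", [])
        # Check every copy of a repeated parameter, after URL decoding.
        if any(not INT_RE.fullmatch(value) for value in ids):
            hits.append((client, ids))
    return hits

if __name__ == "__main__":
    for client, ids in suspicious_editbookmark_requests(SAMPLE_LOG):
        print(client, ids)
```

The same integer-only rule is what the application should enforce server-side before the value reaches the query, for example by binding `BookmarkID` as a typed integer parameter.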