Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-4910. PoCs published by mr_me.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in ColdCalender v2.06 via the EventID parameter in index.cfm. It extracts database information such as version, hostname, user, and name by leveraging error-based SQL injection techniques.
Description
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in ColdCalender v2.06 via the EventID parameter in index.cfm. It extracts database information such as version, hostname, user, and name by leveraging error-based SQL injection techniques.