GHDB
GHDB
|
Google Search: inurl:”slxweb.dll”
stonersavant rates this entry 8 out of 10. Submitted: 2004-10-26 00:00:00 Added by: stonersavant Hits: 1984 Score: 8 salesLogix is the Customer Relationship Management solution thatdrives sales performance in small to medium-sized businesses through Sales, Marketing, and Customer Support automation and back-office integration.The problem:By manipulating the cookies used by the Web Client, it is possible totrick the server into authenticating a remote user as the CRM administrator without requiring a password. It is also possible to perform SQL injection attacks on the SQL serverthat is used as the data store for the SalesLogix CRM system, reveal detailed error reports contained in HTTP headers and disclose the real filesystem paths to various SalesLogix directories. The SalesLogix server itself is vulnerable to an attack that wouldallow a malicious user to obtain the username and password used to access the SQL server used as a data store. The disclosed username and password always have read/write permissions on the database. Another vulnerability in the SalesLogix server allows anunauthenticated user to upload arbitrary files to the server in any directory (s)he chooses.http://www.securityfocus.com/bid/11450 Comments: |
Does GHDB still updates for now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Is any offline view-able resources is available of this product ?