Clic Page XSS and SQL Injection Vulnerability



EKU-ID: 1632 CVE: OSVDB-ID:
Author: OruçReis Published: 2012-03-12 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: Clic Page XSS and SQL Injection Vulnerability 
# Date: 11.03.2012
# Author: OruçReis
# Vendor or Software Link: http://www.clicpremium.com/
# Version: 4.0
# Category:: webapps
# Google dork: inurl:"clic-page.php?id=1"
# Tested on: Linux Mint Apache Localhost - Windows XAMPP Localhost
# Demo site;
- http://www.banexiventures.com/clic-page.php?id=1
- http://www.autocleanservice.fr/clic-page.php?id=1
- http://www.ccjovinien.fr/clic-page.php?id=1

XSS and SQL Injection Vulnerability
SQL Injection Method : Blind SQL
OruçReis