Exploitation Summary
EIP tracks 2 public exploits for CVE-2008-0089. PoCs published by Krit.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Clip-Share's uprofile.php, allowing an attacker to extract user credentials (uid, username, pwd) from the signup table via a UNION-based attack.
Description
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
Exploits (2)
This exploit demonstrates a SQL injection vulnerability in Clip-Share's uprofile.php, allowing an attacker to extract user credentials (uid, username, pwd) from the signup table via a UNION-based attack.
The exploit demonstrates multiple blind SQL injection vulnerabilities in ClipShare 4.1.4 by manipulating input parameters (e.g., gid, chid, UID) in various PHP files. The PoC uses boolean-based conditions (AND 1=1 vs. AND 1=2) to confirm vulnerability via error-based or white-page responses.