This exploit demonstrates an SQL injection vulnerability in Clip Bucket <= 1.7.1 due to insecure cookie handling. The PoC manipulates cookie values to bypass authentication by injecting SQL payloads into the userid, username, and session cookies.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Clip Bucket <= 1.7.1
No auth needed
Prerequisites:Magic quotes must be off · Target must be using Clip Bucket <= 1.7.1