This exploit demonstrates a blind SQL injection vulnerability in ClipShare 4.1.4 via the 'gid' parameter in gmembers.php. The PoC shows how to trigger the vulnerability by manipulating the SQL query to return different responses based on true/false conditions.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:ClipShare - Video Sharing Community Script 4.1.4
No auth needed
Prerequisites:MAGIC_QUOTES_GPC must be turned off on the server · A group must exist in the community