[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : K-Rate SQL Injection Vulnerability
# Published : 2009-12-30
# Author : e.wiZz
# Previous Title : UranyumSoft Ylan Servisi Database Disclosure Vulnerability
# Next Title : vBulletin ads_saed 1.5 (bnnr.php) SQL Injection Vulnerability
K-Rate SQL Injection Vulnerability
By: e.wiZz!
#### Script site:http://turn-k.net/k-rate
In the wild...
#####################################
####Vulnerability:
SQL Injection in view.php,variable username.
Anyway, all sites i saw which are powered by this script are hosted on Apache,and have
a mod_rewrite enabled,so you need to try this:
http://inthewild/view/admi'n.html
You need to add .html at the end.