AV Arcade Free Edition (add_rating.php, id parameter) Blind SQL Injection

2012-09-02 11:05:05

##########################################
[~] Exploit Title: AV Arcade Free Edition Blind SQL Injection
[~] Date: 31/08/2012
[~] Author: DaOne (@LibyanCA)
[~] Software Link: http://www.avscripts.net/avarcade/freearcadescript/
[~] Google Dork: intext:Powered by AV Arcade Free Edition"
##########################################

# Exploit-DB Note: Must be logged in.

[#] [ Exploit ]

http://localhost/content/add_rating.php?id=[Blind SQL Injection]


##########################################
[*] thanks to : All LibyanCA Members (^_^)
##########################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.