EXPLOITS

AV Arcade Free Edition - 'add_rating.php?id' Blind SQL Injection

Author: DaOne
type: webapps
platform: php
port: 
date_added: 2012-09-02  
date_updated: 2012-09-02  
verified: 1  
codes: OSVDB-85149  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 21007.txt  

##########################################
[~] Exploit Title: AV Arcade Free Edition Blind SQL Injection
[~] Date: 31/08/2012
[~] Author: DaOne (@LibyanCA)
[~] Software Link: http://www.avscripts.net/avarcade/freearcadescript/
[~] Google Dork: intext:Powered by AV Arcade Free Edition"
##########################################

# Exploit-DB Note: Must be logged in.

[#] [ Exploit ]

http://localhost/content/add_rating.php?id=[Blind SQL Injection]


##########################################
[*] thanks to : All LibyanCA Members (^_^)
##########################################